Bleeping Computer

Fake jQuery files infect WordPress sites with malware

Security researchers have spotted counterfeit versions of the jQuery Migrate plugin injected on dozens of websites which contains obfuscated code to load malware. These files are named ...
Threat Post

WordPress Symposium Plug-In Plagued by File Upload Vulnerability

Researchers warn that since public disclosure of a file-upload vulnerability in the WordPress Symposium plug-in and the availability of proof-of-concept exploit code, scans and exploit attempts are on ...
Threat Post

Thousands of Applications Vulnerable to RCE via jQuery File Upload

The flaw has existed for eight years thanks to a security change in Apache. A widely used plugin by Blueimp called jQuery File Upload contains a years-old vulnerability that potentially places 7,800 ...
Bleeping Computer

Hackers actively exploit critical RCE in WordPress Alone theme

Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme 'Alone,' to achieve remote code execution and perform a full site takeover.