Tag: WordPress Security
Trends Emerging Following Vulnerability In WP GDPR Compliance Plugin
Earlier this week the WP GDPR Compliance plugin was briefly removed from the WordPress.org repository after the discovery of critical security issues impacting its users. In yesterday’s post, we provided some details regarding these issues and illustrated their severity. In the hours since that post was published, our team has continued tracking the adversaries seeking…
![Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability](https://eworldlinx.com/wp-content/uploads/2018/11/11122018-wordpress-gdpr-plugin-infection_en-blog-560x263.png)
Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability
We have noticed a growing number of WordPress-based sites that have had their URL settings changed to hxxp://erealitatea[.]net. Further investigations show that the issue is related to a security vulnerability in the WP GDPR Compliance plugin for WordPress (with 100,000+ active installations). The new General Data Protection Regulation (GDPR) laws in the EU have made…
Privilege Escalation Flaw In WP GDPR Compliance Plugin Exploited In The Wild
After its removal from the WordPress plugin repository yesterday, the popular plugin WP GDPR Compliance released version 1.4.3, an update which patched multiple critical vulnerabilities. At the time of this writing, the plugin has been reinstated in the WordPress repository and has over 100,000 active installs. The reported vulnerabilities allow unauthenticated attackers to achieve privilege escalation,…
New WordPress Security Email Course
Recent statistics show that over 32% of website administrators across the web use WordPress. Unfortunately, the CMSs popularity comes at a price — attackers often seek out vulnerabilities to exploit and target unhardened WordPress sites. If a site is compromised, it often becomes the host of malicious malware or spam campaigns, harming your website’s reputation…