plugin Archives - Cyber Security Minute

Actively Exploited Zero-Day Found in WordPress Plugin Used by Many Online Stores

Issued by: Security Week

Fancy Product Designer is a premium plugin for online stores that provides users with the ability to customize products with images and PDF files uploaded from various devices. The plugin provides various other customization options as well. This week, Wordfence discovered that threat actors are targeting an unpatched critical vulnerability in Fancy Product Designer. The…

Vulnerabilities

Flaw in WordPress Themes Plugin Allowed Hackers to Become Site Admin

Issued by: Security Week

ThemeGrill Demo Importer is a popular plugin that allows WordPress website administrators to import demo content, widgets and settings for ThemeGrill themes. Researchers at web security company WebARX discovered recently that versions 1.3.4 through 1.6.1 of the plugin are affected by a critical vulnerability that allows an unauthenticated attacker to wipe the entire database of…

Cloud Security, Malware & Threats

Backdoor Uploaded to WordPress Sites via eCommerce Plugin Zero-Day

Issued by: Security Week

A zero-day vulnerability in an ecommerce plugin for WordPress has been exploited by cybercriminals to upload backdoors to affected websites, researchers warned. The ideal scenario for profit-driven hackers is to find and exploit security holes in plugins installed on hundreds of thousands or millions of websites. However, targeting a large number of less popular applications…