Security News > 2015 > March > Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking (Help Net Security)

Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking (Help Net Security)

2015-03-13 10:26

Another highly popular WordPress plugin has been found sporting a cross-site request forgery flaw that can be exploited to mount a blind SQL injection attack, and could also lead to an attacker gainin...

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Y8NB8Hzgrr0/secworld.php

#wordpress #critical #hijacking #security

Related news

HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
Security plugin flaw in millions of WordPress sites gives admin access (source)
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites (source)
Major security audit of critical FreeBSD components now available (source)
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks (source)
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
Critical security hole in Apache Struts under exploit (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Wordpress		7	2	93	44	18	157
Plugin		2	0	13	1	0	14

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.