Security News > 2018 > August > New PHP Code Execution Attack Puts WordPress Sites at Risk
2018-08-17 09:33
Sam Thomas, a security researcher from Secarma, has discovered a new exploitation technique that could make it easier for hackers to trigger critical deserialization vulnerabilities in PHP programming language using previously low-risk considered functions. The new technique leaves hundreds of thousands of web applications open to remote code execution attacks, including websites powered by
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/uXfmSC2iTH8/php-deserialization-wordpress.html
Related news
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- Over 660,000 Rsync servers exposed to code execution attacks (source)
- W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks (source)