PHP Object Injection Vulnerability in Leaky Paywall

https://www.pluginvulnerabilities.com/2017/08/17/php-object-injection-vulnerability-in-leaky-paywall/
We recently started proactively monitoring for evidence of some high risk vulnerabilities when changes are made to WordPress plugins, and if we had more customers we could expand the proactive monitoring to more types of vulnerabilities. One of the types of vulnerabilities we are looking for is PHP object injection vulnerabilities, since those are likely to be exploited if hackers become aware

Settings Change Vulnerability in Asgaros Forum

https://www.pluginvulnerabilities.com/2017/08/16/settings-change-vulnerability-in-asgaros-forum/
One of the ways we make sure we have the best data on vulnerabilities in WordPress plugins is by monitoring the WordPress Support Forum for threads possibly related to those. Through that today we ran across a thread started earlier today that seemed to indicate malicious .php files were being uploaded through the Asgaros Forum plugin. Looking over the plugin we found

Event Espresso Lite <= 3.1.37.11.L – Authenticated Blind SQL Injection

https://wpvulndb.com/vulnerabilities/8890

rk-responsive-contact-form 1.0 – Authenticated Blind SQL Injection

https://wpvulndb.com/vulnerabilities/8889

wordpress-gallery-transformation 1.0 – Blind SQL Injection

https://wpvulndb.com/vulnerabilities/8888

I Recommend This <= v3.7.7 – Authenticated SQL Injection

https://wpvulndb.com/vulnerabilities/8887

Link-Library <= 5.9.13.26 – Authenticated SQL Injection

https://wpvulndb.com/vulnerabilities/8886

AddToAny Share Buttons <= 1.7.14 – Conditional Host Header Injection

https://wpvulndb.com/vulnerabilities/8885

Ransomware Targeting WordPress – An Emerging Threat

https://www.wordfence.com/blog/2017/08/ransomware-wordpress/
This entry was posted in Wordfence, WordPress Security on August 15, 2017 by Mark Maunder. Recently, the Wordfence team has seen ransomware being used in attacks targeting WordPress. We are currently tracking a ransomware variant we are calling “EV ransomware.” The following post describes what this ransomware does and how to protect yourself from being hit by

Wordfence Unnecessarily Scares Public by Including Non-Existent Threat Against Plugin in Their WordPress Attack Report

https://www.pluginvulnerabilities.com/2017/08/11/wordfence-unnecessarily-scares-public-by-including-non-existent-threat-against-plugin-in-their-wordpress-attack-report/
Unfortunately, much of the security industry doesn’t seem to have interest in being responsible when it comes to the security information they put out; instead they throw out information without regard to accuracy, often causing the public to be concerned about non-threats (while real threats go under-focused). A case in point of this is something we just looked into involving