• About us
  • Disclaimer
  • Privacy Policy
Tuesday, May 17, 2022
  • Login
  • Register
W-SE (Web - SEcurity)
  • Tech today
  • Security
    • Vulnerabilities
    • Malware
    • Android
    • Top list
  • Cyber Attacks
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    Cybersecurity Tips to Protect Your Mac

    Nighthawk Mr5100 Bridge Mode

    What are Data Centers, and Why Are They Important

    What are Data Centers, and Why Are They Important?

    Blanket

    The Main Reasons Why Every Home Needs at Least One Faux Fur Throw

    How to Find a Powerful Laptop

    How to Find a Powerful Laptop?

    how to connect second monitor to laptop windows 10

    Is 300 Mbps Good For Gaming

    Trending Tags

    • Security
    • Web Security
    • cyber-security
    • Enhanced Security
    • Data Security
    • Security Bugs
    • Network Security
    • Cybersecurity
    • Security Updates
    • Mobile Security
    • Microsoft Security Updates
    • Data security and compliance
  • Contact
  • About us
    • Disclaimer
  • Write For Us
No Result
View All Result
  • Tech today
  • Security
    • Vulnerabilities
    • Malware
    • Android
    • Top list
  • Cyber Attacks
  • How To?
    • All
    • gaming
    • Smart phone
    • smart tv
    • software
    Ideal Internet Speed for Online Gaming

    Ideal Internet Speed for Online Gaming

    Cybersecurity Tips to Protect Your Mac

    Nighthawk Mr5100 Bridge Mode

    What are Data Centers, and Why Are They Important

    What are Data Centers, and Why Are They Important?

    Blanket

    The Main Reasons Why Every Home Needs at Least One Faux Fur Throw

    How to Find a Powerful Laptop

    How to Find a Powerful Laptop?

    how to connect second monitor to laptop windows 10

    Is 300 Mbps Good For Gaming

    Trending Tags

    • Security
    • Web Security
    • cyber-security
    • Enhanced Security
    • Data Security
    • Security Bugs
    • Network Security
    • Cybersecurity
    • Security Updates
    • Mobile Security
    • Microsoft Security Updates
    • Data security and compliance
  • Contact
  • About us
    • Disclaimer
  • Write For Us
No Result
View All Result
W-SE (Web - SEcurity)
No Result
View All Result
Home Security

Hackers can use Product Review Plugin to Inject Code into WordPress Sites

Melina Richardson by Melina Richardson
in Security, Vulnerabilities
A A

A flaw recently discussed in the WP Product Review Lite WordPress plugin could be misused to hack websites by unauthenticated attackers.

WP Product Review Lite is designed to create reviews of products on WordPress websites. It supports the creation of a top rating widget for the goods and also allows for monetization by inserting a “buy now” button in articles. More than 40,000 installations are on the plugin.

Last week, the development team behind the plugin discussed an unauthenticated persistent Cross-Site Scripting (XSS) vulnerability which could have been abused to insert code into all product pages of a website.

Get into the Cyber Security Career now!

The problem, explains Sucuri security researchers, is that while all user input data is sanitized, one of the WordPress functions used can be bypassed if the attacker sets a parameter inside an HTML attribute.

“A successful attack results in the insertion of malicious scripts into all goods on the web,” the researchers explain.

Without authentication, an attack can be launched which means threat actors can automate attacks, warns Sucuri. It makes launching attacks against a large number of vulnerable websites simple for cyber-criminals.

“What makes this vulnerability particularly dangerous is the number of active installations, the ease of exploitation, and the consequences of a successful attack,” the researchers note.

The vulnerability was identified by Sucuri on May 13 and a patch was released the following day, with WP Product Review Lite version 3.7.6.

Although no active exploitation attempts have been observed, the security researchers recommend that website administrators upgrade to the patched version as soon as possible, as older plugin iterations remain vulnerable to attacks and potential compromise.

Learn Cyber Security Career Guide here!
Tags: Cyber criminalswebsitesWordPressXSS
ShareTweetShare
Previous Post

NortonLifeLock Releases Free Tool for Twitter Bots Detection

Next Post

Several Tips to Safeguard Your Windows 7 Devices

Melina Richardson

Melina Richardson

Melina Richardson is a Cyber Security Enthusiast, Security Blogger, Technical Editor, Certified Ethical Hacker, Author at Cybers Guards & w-se. Previously, he worked as a security news reporter.

Next Post
Wondershare Mockitt

Several Tips to Safeguard Your Windows 7 Devices

Please login to join discussion
  • Trending
  • Comments
  • Latest
router

192.168.0.1 – 192.168.1.1 Router Login Password

April 6, 2020
inurl technology

Latest Carding Dorks List for Sql Injection 2022

March 16, 2022
connect monitor to laptop two screens

How To Connect A Monitor To A Laptop And Use Both Screens?

February 10, 2021
how to connect two monitors to my laptop

How Do I Connect 2 Monitors To My Lenovo Laptop?

January 22, 2021
Windows Flaw

If Older Battleye software is used, Windows 10 1903 Blocked

0
Mac Os

New unpatched macOS bypass gatekeeper published online

0
Siemens Medical Products

Wormable Windows Flaw Affected Siemens Medical Products

0
Cloud Computing

5 Tips of the Personal Data Protection in the Cloud

0
Super Desktop

Asus Router Keeps Dropping Internet

May 17, 2022
How to Find a Powerful Laptop

Reset Orbi

May 17, 2022
Ideal Internet Speed for Online Gaming

AT&T Router Settings

May 17, 2022
Blanket

192.168.0.100.1

May 17, 2022
ADVERTISEMENT

Quick Links

Learnopedia
Tech Write For US
Technology Write For US
Casino Write For Us
Mr.Perfect Reviews
Cyber Security Career

Recent News

Super Desktop

Asus Router Keeps Dropping Internet

May 17, 2022
How to Find a Powerful Laptop

Reset Orbi

May 17, 2022
Ideal Internet Speed for Online Gaming

AT&T Router Settings

May 17, 2022
Blanket

192.168.0.100.1

May 17, 2022
W-SE (Web – SEcurity)

W-SE regularly updates cyber attacks, hacking and events that provide IT security professionals with information throughout the world. Also offering news in W-SE. We spent two years living and sharing guidance and insights with IT experts, detailed analyzes and news.

We also train people with product reviews in different form of content.

Browse by Category

  • Android
  • Camera
  • computer
  • Cyber Attacks
  • Cyber Security
  • Cybercrime
  • Encryption
  • Error
  • Featured
  • Fraud & Identity
  • gaming
  • How To?
  • laptop
  • Login
  • Malware
  • Microsoft
  • Mobile
  • photography
  • Privacy
  • Reviews
  • Security
  • Security Degree
  • Smart phone
  • smart tv
  • Social
  • software
  • Tech
  • Tech today
  • Top list
  • Uncategorized
  • Virus & Threats
  • Vulnerabilities
  • Website
  • What is?

Recent News

Super Desktop

Asus Router Keeps Dropping Internet

May 17, 2022
How to Find a Powerful Laptop

Reset Orbi

May 17, 2022
  • About us
  • Contact
  • Disclaimer
  • Home
  • Privacy Policy
  • Resources
  • Support Forum
  • Tech Blog
  • Technology Write For Us
  • W-SE (Web Security)

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

No Result
View All Result
  • Tech today
  • Security
    • Vulnerabilities
    • Malware
    • Android
    • Top list
  • Cyber Attacks
  • How To?
  • Contact
  • About us
    • Disclaimer
  • Write For Us

© 2020 w-se.com - Powered by Fix Hacked Website, Cyber Special , SSL Authority Reviews Powered by Mr.Perfect Reviews.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In