plugin
Blog
W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. The W3 Total Cache plugin uses multiple caching techniques to optimize a website’s speed, reduce load times, and generally improve its SEO ranking. The flaw is tracked as CVE-2024-12365 despite the developer releasing…
Unpatched critical flaws impact Fancy Product Designer WordPress plugin
Premium WordPress plugin Fancy Product Designer from Radykal is vulnerable to two critical severity flaws that remain unfixed in the current latest version. With more than 20,000 sales, the plugin allows customization of product designs (e.g. clothing, mugs, phone cases) on WooCommerce sites by changing colors, transforming text, or modifying the size. While examining the plugin, Patchstack’s Rafie Muhammad discovered…
Bad Tenable plugin updates take down Nessus agents worldwide
Tenable says customers must manually upgrade their software to revive Nessus vulnerability scanner agents taken offline on December 31st due to buggy differential plugin updates. As the cybersecurity company acknowledged in an incident report issued after pausing plugin updates to prevent the issue from impacting even more systems, the agents went offline “for certain users on all sites.” This ongoing…
Hunk Companion WordPress plugin exploited to install vulnerable plugins
Hackers are exploiting a critical vulnerability in the “Hunk Companion” plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing outdated plugins with known vulnerabilities with available exploits, the attackers can access a large pool of flaws that lead to remote code execution (RCE), SQL injection, cross-site scripting (XSS) flaws, or create backdoor admin…
How Electric Car, Plug-In Hybrid, Hybrid Reliability Compare
EVs are battery-powered vehicles that need to be plugged in to charge. As was the case in prior years, newer manufacturers are still struggling to catch up with more established automakers. Both Lucid and Rivian started delivering new cars to owners only in 2021. The Lucid Air is the least-reliable electric sedan, and of brands for which we have sufficient…
Security plugin flaw in millions of WordPress sites gives admin access
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin ‘Really Simple Security’ (formerly ‘Really Simple SSL’), including both free and Pro versions. Really Simple Security is a security plugin for the WordPress platform, offering SSL configuration, login protection, a two-factor authentication layer, and real-time vulnerability detection. Its free version alone is used in over four million websites. Wordfence,…
Electric Vehicles & Plug-In Hybrids Qualifying for Federal Tax Credit
To qualify for a tax credit of up to $7,500, a new EV or eligible plug-in hybrid vehicle (PHEV) must meet certain rules: • A vehicle’s MSRP must not exceed certain limits, so pricey EVs like the GMC Hummer EV, Lucid Air, and Tesla Model S won’t qualify. For SUVs, pickup trucks, and vans, the threshold is $80,000. For sedans,…
WordPress.org’s latest move involves taking control of a WP Engine plugin
WordPress.org has taken over a popular WP Engine plugin in order “to remove commercial upsells and fix a security problem,” WordPress cofounder and Automattic CEO Matt Mullenweg announced today. This “minimal” update, which he labels a fork of the Advanced Custom Fields (ACF) plugin, is now called “Secure Custom Fields.” It’s not clear what security problem Mullenweg is referring to…
Jeep Grand Cherokee, Wrangler Plug-In Hybrids Recalled for Fire Risk
Vehicles Recalled • Jeep Wrangler 4xe SUVs manufactured between July 1, 2020, and Nov. 16, 2023. • Jeep Grand Cherokee 4xe SUVs manufactured between May 17, 2021, and Nov. 16, 2023. The problem: Separator damage within the high-voltage battery pack may lead to a vehicle fire. Jeep is investigating the root cause of the problem along with Samsung SDI, the battery manufacturer.…
Malware infiltrates Pidgin messenger’s official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks. The plugin was promoted as a screen-sharing tool for secure Off-The-Record (OTR) protocol and was available for both Windows and Linux versions…