2 May 2019

Did Sucuri Lie About a Claimed SQL Injection Vulnerability or Unnecessarily Frighten People Due to Not Doing Basic Testing?

Yesterday we wrote about the web security company Sucuri overstating the impact of a SQL injection vulnerability, which they had re-discovered a year and a half after we had discussed it. That was one of two claimed SQL injection vulnerabilities they disclosed recently, and the post on the other, claimed to be in the plugin Advance Contact Form 7 DB, manages to be worse.

Their post starts by making a claim that doesn’t seem to make sense:

14 Sep 2018

Astra Falsely Claims That Minor Vulnerabilities in Contact Form 7 Lead To Websites Being Hacked

If you are looking for information on vulnerabilities in WordPress plugins, a common suggestion is to do a search for them, like this recent one from a moderator of the WordPress Support Forum:

Do a search for any known vulnerabilities in the plugin. If any exist for old plugins, they should be well known by now.