15 Nov

Detectify is Eight Months Behind Detecting Vulnerability in WordPress Plugin With 2+ Millions Installs

For us providing the best data on vulnerabilities in WordPress plugins is important, but we could easily being doing that even if we were doing much less than we do currently, but even with that we continue to work to improve and find ways to gather data on more vulnerabilities. As an example of how [Read more]

15 Feb

A Doubly Bad Way to Check if Your WordPress Website Uses Plugins With Known Vulnerabilities

One of the many problems with the security industry is the use of ineffective solutions to tackle various tasks when much more effective solutions are readily available. While some of the usage of those less effective solutions may be necessary due the particulars of a situation, it seems that most usage is due to people [Read more]

01 Dec

Vulnerability Details: Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Special Text Boxes

This Vulnerability Details post about a vulnerability in the plugin Special Text Boxes provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view [Read more]

01 Dec

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in Special Text Boxes

This Vulnerability Details post about a vulnerability in the plugin Special Text Boxes provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view [Read more]

02 Nov

Vulnerability Details: Cross-Site Request Forgery (CSRF) Vulnerability in WP Fastest Cache

This Vulnerability Details post about a vulnerability in the plugin WP Fastest Cache provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view [Read more]

01 Nov

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in Pretty Links (Lite)

Our Vulnerability Details posts provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view the rest of the post.If you are not currently [Read more]

23 Oct

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in Popup by Supsystic

This Vulnerability Details post about a vulnerability in the plugin Popup by Supsystic provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view [Read more]

20 Oct

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in Duplicate Page

This Vulnerability Details post about a vulnerability in the plugin Duplicate Page provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view the [Read more]

20 Oct

Vulnerability Details: Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Use Any Font

Our Vulnerability Details posts provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view the rest of the post.If you are not currently [Read more]

19 Oct

Vulnerability Details: Reflected Cross-Site Scripting (XSS) Vulnerability in WP-Members

This Vulnerability Details post about a vulnerability in the plugin WP-Members provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered and are freely available.For existing customers, please log in to your account to view the rest [Read more]