12 Aug

You Are Not Always Going to Get The Best Information on WordPress Plugin Vulnerabilities From Twitter

We are always looking for ways to improve the vulnerability data on WordPress plugins we provide to our customers. One of the things we have been doing recently is reviewing some old third-party data on hacking attempts to help identify vulnerabilities that probably have been known and exploited by hackers for some time, but have [Read more]

01 Aug

Arbitrary File Upload Vulnerability in Estatik

As we continue to review old third-party data on hacking attempts to identity more vulnerabilities that hackers have likely already discovered in WordPress plugins we spotted an arbitrary file upload vulnerability in the plugin Estatik. Back in June of last year a request was made for the file /wp-content/plugins/estatik/front_templates/css/es_front_responsive.css, for what was likely a probe for [Read more]