The WordPress Booking Ultra Pro Plugin (v1.1.4 or earlier) has an unfixed high-severity XSS vulnerability, allowing malicious script injection. Other known vulnerabilities include CSRF issues.
API abuse has recently become a significant topic among security professionals, and for good reason: large-scale data breaches have occurred in the past two years as a result of APIs being abused and misused.
This article provides background on the OWASP Top 10 risks, demonstrates how cybercriminals may identify or exploit some of them, and outlines general approaches businesses can use to reduce the attack surface of their web applications with the extensive web security resources offered by OWASP.
Web hosting giant GoDaddy says unknown attackers stole source code and installed malware on its servers after infiltrating its cPanel shared hosting environment in a multi-year attack.