by Akos Molnar | Dec 22, 2020 | Other, Threat lab
A critical vulnerability was found in Contact Form 7. The WordPress utility is activated on more than 5 million websites, and 70% of these are running the unprotected 5.3.1 version or older. The vulnerability allows attackers to bypass Contact Form 7’s filename...by Akos Molnar | Nov 26, 2020 | Threat lab
Researchers have found a vulnerability in cPanel and WHM. With a brute force attack, hackers can easily bypass the 2-Factor Authentication (2FA). The SEC-575 vulnerability allowed attackers to try limitless 2FA codes until finding the right one and gain access to the...by Akos Molnar | Sep 4, 2020 | Threat lab
On 2 September 2020 arstechnica reported a zero-day vulnerability in a WordPress plugin. File Manager helps users manage their files on the website. It was downloaded 700,000 times and more than half of the customers are affected. The...