Ninja blog

A critical vulnerability was found in Contact Form 7. The WordPress utility is activated on more than 5 million websites, and 70% of these are running the unprotected 5.3.1 version or older. The vulnerability allows attackers to bypass Contact Form 7’s filename sanitization and upload a file that can be executed as a script file on the host server.

Researchers have found a vulnerability in cPanel and WHM. With a brute force attack, hackers can easily bypass the 2-Factor Authentication (2FA). The SEC-575 vulnerability allowed attackers to try limitless 2FA codes until finding the right one and gain access to the account. Usually, brute force attacks take more hours or even days to execute, […]

[et_pb_section admin_label="section"] [et_pb_row admin_label="row"] [et_pb_column type="4_4"][et_pb_text admin_label="Text"] On 2 September 2020 arstechnica reported a zero-day vulnerability in a WordPress plugin. File Manager helps users manage their files on the website. It was downloaded 700,000 times and more than half of the customers are affected. The vulnerability allowed hackers to execute commands and upload files on a website. How did the BitNinja […]