A Walk Through a Year of Website Security: Part II

Part I of our 2021 Security Walkthrough shows the initial 5 posts of our top 10. 6 – Vulnerable Plugin Exploited in Spam Redirect Campaign It was brought to our malware research team’s attention that a vulnerability was discovered in old, unpatched versions of the wp-user-avatar plugin. The type of vulnerability found is known as a privilege escalation, which essentially allows a user to gain elevated access by exploiting a bug, and can allow files to be uploaded.  Continue reading...