WordPress News

Vulnerability Found in WordPress Anti-Malware Firewall

Researchers found a reflected cross-site scripting vulnerability in a popular WordPress anti-malware plugin. An attacker can exploit this vulnerability to compromise the account of an administrator on the affected website.

It is Anti-Malware Security and Brute-Force Firewall that was discovered to contain the vulnerability, affecting over 200K websites worlwide.

This plugin provides website protection as a firewall (to block incoming threats), as well as database injection protection and backdoor hack detection.

Websites with a premium version are protected against brute force attacks, which attempt to guess passwords as well as blocking DDoS attacks.

There was a vulnerability in this plugin that allowed for reflected XSS attack.

As far as cross-site scripting is concerned, a reflected cross-site scripting vulnerability occurs when a WordPress website does not properly limit what can be entered on the site.

If the upload is not restricted, it is akin to leaving the front door open, and letting anything pass through.

In order to exploit this vulnerability, a hacker uploads a script on the website and forces it to reflect it back.

Visitors with administrator-level access will find that when they go to the compromised URL created by the attacker, they will find that the script will be activated with the admin permissions stored in their browser.

Supriyo Das

A Blogger, Web developer, SEO specialist, and professional writer. I own more than ten blogs; all are generating thousands of dollars every month. I work closely with web development. With my experience, I want to help online startups through engaging and actionable content.

Published by
Supriyo Das

Recent Posts

16 Best wedding planner website templates in 2022

A wedding is one of the most critical days in a couple's life, so, understandably,…

1 day ago

10 Best commodity trading website templates in 2022

Are you looking for best commodity trading website templates for startup? Then you are in…

4 days ago

5 Best Live streaming TV website template of 2022

Looking for best Live streaming tv website template for your online business? Live streaming TV…

4 days ago

5 Best Adobe XD ecommerce website templates in 2022

Are you looking for the best Adobe xd eCommerce website templates in 2022 to promote…

4 days ago

6 Best Jewelry eCommerce website templates 2022

Are you also looking for the best jewelry eCommerce website templates to promote your jewelry…

4 days ago

6 Best pressure washing website templates in 2022

Are you looking for pressure washing website templates to build your dream web business with style and…

4 days ago