Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
WordPress Plugin Bug Can Be Exploited to Create Rogue Admins
Malware and Vulnerabilities
April 03, 2020
Bleeping Computer
Owners of WordPress sites who use the Contact Form 7 Datepicker plugin are urged to remove or deactivate it to prevent attackers from creating rogue admins or taking over admin sessions.
Read More
WordPress
Contact Form 7 Datepicker Plugin
XSS bug
stored cross-site scripting bug
minimal permissions
Publisher
Previous
In COVID-19 Scam Scramble, Cybercrooks Recycle Phishing ...
Threat Intel & Info Sharing
Next
A hacker has wiped, defaced more than 15,000 Elasticsea ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/79d9_shutterstock_1020493849.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_95440231.jpg)
