Yellow Pencil WordPress Plugin flaw exposes tens of thousands of sites

Thousands of WordPress sites using the Yellow Pencil Plugin were exposed to hacking due to a privilege escalation vulnerability in the plugin.

A privilege escalation vulnerability in the Yellow Pencil Visual Theme Customizer plugin exposes WordPress websites to compromise. Attackers could exploit the flaw to update arbitrary options on vulnerable installations.

Early this week, the plugin was removed from the repository. It is estimated to be installed on over 30,000 websites.

Experts at security firm Wordfence observed a high volume of attempts to exploit the vulnerability after a security researcher publicly disclosed a proof of concept (POC) this week for a set of two software vulnerabilities affecting the plugin.

“On Tuesday a security researcher made the irresponsible and dangerous decision to publish a blog post including a proof of concept (POC) detailing how to exploit a set of two software vulnerabilities present in the plugin.”...(continued)