SQL Injection Vulnerability in WP Statistics

less than 1 minute read

SQL Injection Vulnerability in WP Statistics<p>As part of a vulnerability research project for our Sucuri Firewall, we have been auditing popular open source projects looking for security issues.</p>

While working on the WordPress plugin WP Statistics, we discovered a SQL Injection vulnerability. This plugin is currently installed on 300,000+ websites.

Are You at Risk?

This vulnerability is caused by the lack of sanitization in user provided data. An attacker with at least a subscriber account could leak sensitive data and under the right circumstances/configurations compromise your WordPress installation.

Continue reading SQL Injection Vulnerability in WP Statistics at Sucuri Blog.

Spotlight on Women in Cybersecurity

less than 1 minute read

Sucuri is committed to helping women develop their careers in technology. On International Women’s Day, Sucuri team members share their insights into workin...

Hacked Website Trend Report – 2018

less than 1 minute read

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / ...