WordPress Sites Vulnerable to Plugin-Related SQL Attacks | Threatpost | The first stop for security news

The key was really a hashed version of the plugin’s installation timestamp, according to Montpas, and to determine it, all an attacker would have to do is go to a site that caches information about when sites were started, like the Internet Archive. This narrows values down considerably and once an attacker has secured the key, they could pair it with timestamps coming from the plugin—easily obtainable, they’re included on the vulnerable site’s homepage—and perform a blind SQL injection.Once a hacker knows the key they can take it attach a payload and MD5 it to pass the site’s validity check and extract data from its database.

via WordPress Sites Vulnerable to Plugin-Related SQL Attacks | Threatpost | The first stop for security news.

Doña Dulcinea

The Sun Shines Behind The Clouds Through The Raindrops Falling On My Head

Socialist Action

In Solidarity With Workers and the Oppressed Everywhere

Richardson Reports

News you can't get anywhere else....

nuclear-news

The News That Matters about the Nuclear Industry Fukushima Chernobyl Mayak Three Mile Island Atomic Testing Radiation Isotope

AGR Daily News

Quaker Inspired, Evidence Based, Art And Science Of Sustainable Health Plus Success - How To Create Heaven On Earth - Education For Seventh Generation Rainbow Warriors

Observer

People and Trends

Patribotics

Louise Mensch, National Security Journalism

Angry White Men

Tracking White Supremacy

Tina Ngata

Dismantling Frameworks of Domination, Rematriating Ways of Being.

SKWAWKBOX

News, politics, insights, inside information from the left

Mike Rothschild

Conspiracy theory researcher and debunker

caged but undaunted

stanley l cohen

IPNOT GLOBAL

We are a group of grassroots activists from all over the world. Palestine Unites Us. News about Palestine and its supporters worldwide

settler colonial studies blog

A blog for the advancement of settler colonial studies

Longreads

The best longform stories on the web

%d bloggers like this: