Disqus Wordpress Plugin Flaw Leaves Millions of Blogs Vulnerable to Hackers
2014-07-02, 01:33 PM,
[Image: disqus-wordpress-plugin-exploit-hacking.jpg]

Quote:A Remote code execution (RCE) vulnerability has been discovered in the comment and discussion service, Disqus plugin for the most popular Blogging Platform Wordpress.

While there are more than 70 million websites on the Internet currently running WordPress, about 1.3 million of them use the ‘Disqus Comment System’ Plugin, making it one of the popular plugins of Wordpress for web comments and discussions.

The security team at the security firm Sucuri discovered a critical Remote Code Execution (RCE) flaw while analyzing some custom JSON parser of the Disqus plugin and found that the variable parsing function could allow anyone to execute commands on the server using insecurely coded PHP eval() function.

Continue reading...
Share This Thread :

Related Threads
Thread Author Replies Views Last Post
  Pre-Installed Password Manager On Windows 10 Lets Hackers get All Your Passwords zenious 7 365 2017-12-29, 10:49 PM
Last Post: BigEarner
  Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads -- 2.3 Million HawkEye 13 1,048 2017-09-24, 02:34 AM
Last Post: EnChanter
  Does people really think they have earned millions by checking there emails r00t3d 16 1,128 2017-07-11, 07:41 PM
Last Post: r00t3d
  Inside a Russian IG BOT Farm with MILLIONS of Accounts! julianthr 10 947 2017-05-20, 01:03 PM
Last Post: EpicWarrior
  Need Adult Video Wordpress Theme DGR 3 1,376 2016-11-24, 07:51 PM
Last Post: torothemes

About Us | Contact Us | CPA Elites | Advertise | Stats

© 2013-2018 CPA Elites Ltd
Enhanced by MyBB and WallBB
Return to top