Nginx

Hardening the web server of your WordPress website

Web servers are unique in network environments because they are exposed to the internet and serve web traffic to potentially unknown users. Furthermore, web servers often run dynamic applications like WordPress websites or act as proxies for internal applications. Thus, it is not surprising that they are desirable targets for attackers. Hardening a system involves …

Hardening the web server of your WordPress website Read More »

Unrestricted File Upload Vulnerability found in Contact Form 7 plugin affects 5M+ websites

CVE-2020-35489: Unrestricted File Upload Vulnerability found in Contact Form 7 plugin affects 5M+ websites

A high-severity Unrestricted File Upload vulnerability, tracked as CVE-2020–35489, was discovered in a popular WordPress plugin called Contact Form 7, currently installed on 5 Million+ websites making them vulnerable to attacks like phishing, complete site take-over, data-breach, phishing and credit card frauds. In this blog-post, we will cover what caused the flaw, an example Proof-Of-Concept (PoC) showing exploitation in a …

CVE-2020-35489: Unrestricted File Upload Vulnerability found in Contact Form 7 plugin affects 5M+ websites Read More »