Vulnerability Patched in Cozmolabs Profile Builder Plugin – Information Disclosure Leads to Account Takeover | allinfosecnews.com

Web: https://malware.news/t/vulnerability-patched-in-cozmolabs-profile-builder-plugin-information-disclosure-leads-to-account-takeover/67871

March 14, 2023, 4:10 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Hundreds, if not thousands of WordPress plugins are conceived with the idea of making site building and maintenance easier for site owners. They add features not available in WordPress Core that would otherwise require site owners to write their own code to extend functionality. However, these well-intentioned plugins may sometimes contain seemingly innocuous bugs that can lead to catastrophic consequences.

On Tuesday, February 7th, 2023, prominent WordPress vulnerability researcher István Márton, also known as Lana Codes, reached out to …

account account takeover builder disclosure information information disclosure plugin profile takeover vulnerability

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Avoiding data backup failures – Week in security with Tony Anscombe 5 hours ago | malware.news

backup data data backup security +1

2023-03-31 - Qakbot (Qbot), obama247 distribution tag 6 hours ago | malware.news

distribution malware analysis qakbot qbot +1

3 tips for creating backups your organization can rely on when ransomware strikes 12 hours ago | malware.news

backups ransomware tips

3 tips to raise your backup game 12 hours ago | malware.news

backup game tips

3CX Supply Chain Attack Campaign 13 hours ago | malware.news

3cx attack campaign supply +2

Healthcare vendor reports breach from 2021, at least 9 providers impacted 16 hours ago | malware.news

breach healthcare reports vendor

High-cost lender TMX Finance data breach affects nearly 5 million customers 16 hours ago | malware.news

breach cost customers data +4

Start Preparing For “THE SINGULARITY.” There is a 5% to 10% chance it will be … 16 hours ago | malware.news

Technical Advisory: Software Supply Chain Attack Against 3CX Desktop App 18 hours ago | malware.news

3cx advisory app attack +8

Director of Cloud Security - 100% US REMOTE

@ Experian | Allen, TX, United States

View on infosec-jobs.com

Azure DevSecOps - Solution Architect

@ Citizant | Chantilly, VA, United States

View on infosec-jobs.com

Cybersecurity Champion

@ NielsenIQ | Chicago, IL, United States

View on infosec-jobs.com

Senior Information Security Analyst

@ QAD, Inc. | Wroclaw, Poland

View on infosec-jobs.com

VP, Information Security

@ TrueAccord | Remote

View on infosec-jobs.com

DevSecOps Engineer- (100%) ( w/m/d) - Valbonne - Hybrid Work

@ SMG Swiss Marketplace Group | Valbonne, France

View on infosec-jobs.com

Information Security Director - Attack Surface Management (100% US REMOTE)

@ Experian | Allen, TX, United States

View on infosec-jobs.com

Director - Cybersecurity and Compliance

@ Visa | Foster City, CA, United States

View on infosec-jobs.com

Senior Threat Analyst | Remote, USA

@ Optiv | Kansas City, MO

View on infosec-jobs.com

Senior Consultant (m/w/d) - Identity & Access Management

@ Infosys Consulting - Europe | Frankfurt, Hessen, Germany

View on infosec-jobs.com

Associate Cybersecurity Analyst - SOC

@ Visa | Ashburn, VA, United States

View on infosec-jobs.com

Security Operations Networks Engineer - Hybrid Working

@ NECSWS | Nottingham, United Kingdom

View on infosec-jobs.com