WordPress Plugin Like Button Authentication Bypass

Authentication Bypass Vulnerability in the WP Like Button plugin version 1.6.0 allows unauthenticated attackers to change the settings of the plugin. The contains() function in wp_like_button.php did not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the settings of the plugin. Proof of Concept …

Read moreWordPress Plugin Like Button Authentication Bypass

Working Cross-Site Request Forgery Attack & How to Prevent

CSRF stands for cross-site request forgery. It’s also known as session riding or XSRF, when we are browsing a website it requests data from other websites on our site. in example iframe, as you can see on our website where we add videos on the home page which is not stored on our server but …

Read moreWorking Cross-Site Request Forgery Attack & How to Prevent

Types Of Web Application Vulnerabilities

Web Application Vulnerabilities

Web Application Vulnerabilities 1. SQL InjectionSQL stands for the structured query language. The SQL injection is an injection attack which gives an attacker the feasibility to inject or we can say to execute SQL statements which can directly communicate with the database of the web application also known as a relational database management system. An …

Read moreTypes Of Web Application Vulnerabilities

Best Methods to avoid File Upload Vulnerabilities

website security in kashmir

Best methods to avoid File Upload Vulnerabilities Let’s discuss, How we can avoid File Upload Vulnerability and What are the different types of File Upload Vulnerability that may happen- Generally, there are two types of file upload vulnerability that may take place. I am going to give them detailed names so that it makes your life easier …

Read moreBest Methods to avoid File Upload Vulnerabilities

How to Protect Website from xss attack

xss security

How to Protect Website from XSS attack This article shows one method that developers of web applications can use to protect their websites from XSS attacks. Before going to explore the prevention it is necessary to understand what is XSS attacks. Cross-site Scripting, also known as XSS, is a way of bypassing the SOP concept. …

Read moreHow to Protect Website from xss attack