The PHP Object Injection Odyssey

Robert Rowley

The past few months we have noticed a trend of new and increasing PHP Object Injection attacks targeting WordPress sites. In a few cases in the last months our standard incident response process was identifying sites were had just cleaned were getting re-infected. Our response? Hack harder than the hackers, and we found multiple undisclosed vulnerabilities in plugins installed on the affected sites. Each of the unreported vulnerabilities found were…

Read the full article.

New posts to your inbox.