The PGS Core plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 5.8.0 via deserialization of untrusted input in the 'import_header' function. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
#BLOCKCHAIN

The Secure Smart Contract Development Roadmap. The essential blueprint for crafting secure protocols.

The Ethernaut is a Web3/Solidity based wargame played in the Ethereum Virtual Machine. Each level is a smart contract that needs to be 'hacked'. The game is 100% open source and all levels are contributions made by other players.

Compete against the world's top crypto security experts and make a name for yourself.

Learn to harness next-gen technologies to build the bridges that will lead us to a better tomorrow.

Think out of the box. This blog talks about computer security. Tutorials about buffer overflow, Active Directory, everything is explained with examples.

NEW

The total amount of money lost by blockchain hackers is about \$35,805,172,817.24. Total hack events 1875.

Coins that encrypt their transactions using zero-knowledge proofs or similar private technology.

The most popular and trusted Bitcoin block explorer and crypto transaction search engine.

Your one-stop-shop to learn all about Blockchain development and Crypto Technologies.

Top auditors compete to keep high severity bugs out of production. Start a public or private audit within 48 hours.

On Immunefi, hackers secure web3, save funds from theft, and get paid the world's largest bug bounties.