What the Workday Data Breach Reveals About the Risks of Third-Party Integration
What the Workday Data Breach Reveals About the Risks of Third-Party Integration Workday, the global human resources software giant, has disclosed a […]
Author: Spider Sec
Vibe Coding Security: The Hidden Risks in AI-Generated Code
Vibe Coding Security: The Hidden Risks in AI-Generated Code The transformation of software development is accelerating, with AI-driven coding emerging as an […]
How To Prepare For A Penetration Test
How To Prepare For A Penetration Test Penetration testing (ethical hacking) is a simulated cyberattack on your IT systems designed to uncover […]
Protect WordPress Site From Hackers: Essential Tips to Lock Down Your Website
Protect WordPress Site From Hackers: Essential Tips to Lock Down Your Website WordPress powers over 40% of all websites on the internet. […]
Cyber Security for Celebrities: An Introduction
Cyber Security for Celebrities: An Introduction Celebrities live in the digital spotlight where your high profile can be a magnet for cybercriminals. […]
How To Fix “Video outside the viewport” Indexing Issue
In this post I am going to discuss how to fix the “video outside the viewport” indexing issue / error which is […]
WordPress Penetration Test – Client Case Study
In the ever-evolving landscape of cybersecurity, WordPress stands as one of the most popular content management systems (CMS) in the world. Its […]
Multiple Authenticated Stored XSS in NinjaForms Settings Page (Version 3.4.22 )
Authenticated Stored XSS in NinjaForms Settings Page (Version 3.4.22 ) Background A consultant at Spider Sec Ltd identified a critical vulnerability […]
Registration Magic Multiple Unauthenticated XSS Vulnerabilities (Version 4.6.0.0)
Registration Magic Version 4.6.0.0 (Multiple XSS Vulnerabilities) Background After discovering two new WordPress Plugin vulnerabilities on a recent web application penetration test […]
Registration Magic Authenticated Blind SQL Injection inside URL (Version 4.6.0.0)
Registration Magic Version 4.6.0.0 Authenticated Blind SQL Injection in URL Background If you still haven’t read the preface to this discovery […]