-
Reducing Disk Load in High-Traffic PHP Applications: Switching from SQLite to Redis for Anti-Crawler Storage
Automated crawlers and scraping bots are a growing problem for modern websites. While search engine bots are useful, many other crawlers generate excessive traffic, scrape content, or overload servers. To help website owners control this type of traffic, we recently released the Anti-Crawler PHP Library by CleanTalk, an open-source tool designed to detect and limit
-
CVE-2023-4307 – Lock User Account <= 1.0.3 - Arbitrary Lock/Unlock All Account's via CSRF
In the pursuit of robust website security, a profound vulnerability has emerged during the assessment of WordPress plugins. A striking vulnerability within the Lock User Account plugin was discovered, heralding a serious threat. This vulnerability exposes an avenue for malicious attackers to enact an untraceable lockout of all user accounts, capitalizing on a Cross-Site Request…
-
CVE-2023-4019 – Media from FTP < 11.17 - Author + Arbitrary File Access via Path Traversal
In a profound exploration of WordPress plugins, a chilling revelation has come to light. During meticulous testing, a high-impact vulnerability was unearthed within the Media from FTP plugin, specifically versions preceding 11.17. This alarming flaw exposes an avenue for attackers to exploit Path Traversal techniques, enabling unauthorized access to sensitive files and documents. The plugin…
-
CVE-2023-3814 – Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access via Path Traversal
In the realm of WordPress plugins, a severe security vulnerability has been unveiled. A comprehensive testing process revealed a critical flaw within the Advanced File Manager plugin, specifically versions up to 5.1.1. This vulnerability exposes a significant security lapse that can potentially allow unauthorized access to files and folders through Path Traversal techniques. Main info:…
-
We Have Reduced the Malware Code Analysis Time from 36 Hours to 10 Minutes
In case Security Malware Scanner detects a suspicious file, the file is sent for analysis and, earlier this analysis was done manually by our team. For 3 months now the files have been processed by our AI and the average analysis time has decreased from 36 hours to 10 minutes. However, we continue to double-check…
