We carry out offensive audits combining code analysis and penetration testing, in order to detect exploitable vulnerabilities before attackers do. This hybrid approach makes it possible to cover both logical flaws present in the source code and real-world attack vectors.
Your plugins and/or themes are thoroughly reviewed through manual code review, input/output control, dependency analysis and detection of risky patterns (SQL injection, XSS, CSRF, authentication/authorization errors, secret leakage). Findings are systematically validated through controlled exploitation scenarios (PoC) to measure the real impact and prioritize fixes.
The vast majority of WordPress incidents come from poorly designed or unmaintained third-party extensions and themes. By auditing their code and integration into your sites, we deliver an actionable report — exploitation evidence, risk classification and detailed technical recommendations — to ensure quick remediation and lasting resilience of your platform.
Here is the list of vulnerabilities reported during our audits or our R&D:
Plugin AHAthat: Cross-Site Request Forgery (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
Plugin Altra Side Menu: SQL Injection (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
Plugin Connexion Logs: SQL Injection (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
JSP Store Locator: SQL Injection (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)