[ad_1] An advisory has been issued about a high-severity WordPress vulnerability that makes it possible for attackers to inject arbitrary shortcodes into sites using the WordPress Popular Posts plugin. Attackers do not need a user …
Continue reading
Tag: Vulnerability
WordPress Backup Plugin Vulnerability Affects 3+ Million Sites
[ad_1] A high severity vulnerability in a popular WordPress backup plugin allows unauthenticated attackers to exploit the flaw. The vulnerability is rated 8.8 on a scale of 0.0 to 10. UpdraftPlus: WP Backup & Migration …
Continue reading
WPForms Plugin Vulnerability Affects Up To 6 Million Sites
[ad_1] The WPForms plugin for WordPress exposes websites to a vulnerability that allows attackers to update subscriptions and issue refunds. This flaw enables attackers to modify data they normally should not have access to. Missing …
Continue reading
WordPress Anti-Spam Plugin Vulnerability Hits 200k+ Sites
[ad_1] A flaw in a WordPress anti-spam plugin with over 200,000 installations allows rogue plugins to be installed on affected websites. Security researchers rated the vulnerability 9.8 out of 10, reflecting the high level of …
Continue reading
WordPress Security Plugin Vulnerability Endangers 4 Million+ Sites
[ad_1] A critical vulnerability was discovered in a popular WordPress security plugin with over 4 million installations. The flaw allows attackers to log in as any user, including administrators, and gain full access to their …
Continue reading
New LiteSpeed Cache Vulnerability Puts 6 Million Sites at Risk
[ad_1] Another vulnerability was discovered in the LiteSpeed Cache WordPress plugin—an Unauthenticated Privilege Escalation that could lead to a total site takeover. Unfortunately, updating to the latest version of the plugin may not be enough …
Continue reading
WordPress Elementor Widgets Add-On Vulnerability
[ad_1] A WordPress plugin add-on for the popular Elementor page builder recently patched a vulnerability affecting over 200,000 installations. The exploit, found in the Jeg Elementor Kit plugin, allows authenticated attackers to upload malicious scripts. …
Continue reading
WordPress Translation Plugin Vulnerability Affects +1 Million Sites
[ad_1] A critical vulnerability was discovered in the WPML WordPress plugin, affecting over a million installations. The vulnerability allows an authenticated attacker to perform remote code execution, potentially leading to a total site takeover. It …
Continue reading
WordPress Cache Plugin Vulnerability Affects +5 Million Websites
[ad_1] Up to 5 million installations of the LiteSpeed Cache WordPress plugin are vulnerable to an exploit that allows hackers to gain administrator rights and upload malicious files and plugins The vulnerability was first reported …
Continue reading