Connect with us

Tech

Thousands of WordPress sites potentially at risk from plugin security flaw

Published

on

ebZTsHB4jGup8yK4ebtwyR 1200 80

More than a hundred thousand WordPress websites are reportedly vulnerable to an exploit which allows threat actors to run malicious code remotely and completely unauthenticated, as well as being able to delete arbitrary files at will.

A cybersecurity researcher with the alias villu164, discovered a 10/10 vulnerability in a WordPress plugin called GiveWP, which is designed to facilitate online donations, making it easier for nonprofits, charities, and other organizations to collect funds directly through their websites.


Advertisement
Continue Reading
Advertisement

Trending