Plugin

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks – Go Health Pro

by
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks – Go Health Pro

Nov 26, 2024Ravie LakshmananVulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malicious plugins on susceptible sites and potentially achieve remote code execution. The vulnerabilities, tracked as CVE-2024-10542 and CVE-2024-10781, carry a CVSS score of 9.8 out of … Read more

WordPress Mandates Two-Issue Authentication for Plugin and Theme Builders – Go Well being Professional

by
WordPress Mandates Two-Issue Authentication for Plugin and Theme Builders – Go Well being Professional

Sep 12, 2024Ravie LakshmananNet Safety / Content material Administration WordPress.org has introduced a brand new account safety measure that can require accounts with capabilities to replace plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is anticipated to return into impact beginning October 1, 2024. “Accounts with commit entry can push updates and … Read more

Crucial Safety Flaw Present in LiteSpeed Cache Plugin for WordPress – Go Well being Professional

by
Crucial Safety Flaw Present in LiteSpeed Cache Plugin for WordPress – Go Well being Professional

Sep 06, 2024Ravie LakshmananWordPress / Webinar Safety Cybersecurity researchers have found one more crucial safety flaw within the LiteSpeed Cache plugin for WordPress that would permit unauthenticated customers to take management of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS rating: 7.5), impacts variations earlier than and together with 6.4.1. It has been addressed in … Read more

Essential WPML Plugin Flaw Exposes WordPress Websites to Distant Code Execution – Go Well being Professional

by
Essential WPML Plugin Flaw Exposes WordPress Websites to Distant Code Execution – Go Well being Professional

Aug 28, 2024Ravie LakshmananWordPress Safety / Web site Safety A important safety flaw has been disclosed within the WPML WordPress multilingual plugin that might enable authenticated customers to execute arbitrary code remotely beneath sure circumstances. The vulnerability, tracked as CVE-2024-6386 (CVSS rating: 9.9), impacts all variations of the plugin earlier than 4.6.13, which was launched … Read more

x