More than a million WordPress installations susceptible to plugin XSS vulnerability
A security company recently found an XSS vulnerability in a WordPress plugin during a routine check. The vulnerability allows attackers to inject and execute malicious code. More than a million active installations are potentially susceptible.
Security firm Sucuri said it was conducting a routine audit when it discovered a “dangerous” XSS vulnerability in the popular WordPress plugin WP-Super-Cache. The plugin converts the output of WordPress's PHP scripts into static HTML files, which makes serving the website faster.
The vulnerability allows attackers to execute malicious code. According to Sucuri, this allows them to obtain admin rights on the site, install backdoors and more. According to WordPress.org, there are over a million active installations of WP-Super-Cache. The vulnerability has been fixed in the latest version of the plugin, 1.4.4.
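A version audit an administrator could run over a web root to find WP-Super-Cache installs older than the fixed 1.4.4 release. This is an added example, not code from Sucuri or the plugin's authors; it assumes the plugin's standard directory `wp-super-cache` and main file `wp-cache.php`, and that all sites live under one root directory.

```python
import re
import sys
from pathlib import Path

FIXED = (1, 4, 4)  # first fixed release, per the article
# Assumption: standard plugin location inside a WordPress install.
PLUGIN_DIR = ("wp-content", "plugins", "wp-super-cache")
PLUGIN_MAIN = "wp-cache.php"
# WordPress plugin header line, e.g. "Version: 1.4.2" inside a PHP comment.
VERSION_RE = re.compile(r"^[ \t/*#@]*Version:[ \t]*([0-9]+(?:\.[0-9]+)*)",
                        re.I | re.M)


def parse_version(header_text):
    """Return the header version as a tuple of ints, or None if absent."""
    m = VERSION_RE.search(header_text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None


def is_fixed(version):
    """Compare numerically, so 1.4.10 counts as newer than 1.4.4."""
    padded = version + (0,) * (len(FIXED) - len(version))
    return padded >= FIXED


def audit(root):
    """Yield (site_dir, version, status) for each install found under root."""
    for main in sorted(Path(root).rglob(PLUGIN_MAIN)):
        if main.parts[-4:-1] != PLUGIN_DIR:
            continue  # some other file that happens to share the name
        # WordPress itself only reads the first 8 KB for plugin headers.
        text = main.read_bytes()[:8192].decode("utf-8", "replace")
        version = parse_version(text)
        if version is None:
            status = "UNKNOWN"  # header missing or edited: check by hand
        else:
            status = "ok" if is_fixed(version) else "VULNERABLE"
        yield str(main.parents[3]), version, status


if __name__ == "__main__":
    # Usage: python audit.py /var/www   (the path is an example)
    for site, version, status in audit(sys.argv[1] if len(sys.argv) > 1 else "."):
        shown = ".".join(map(str, version)) if version else "?"
        print(f"{status:10} {shown:8} {site}")
```

Installs reported as UNKNOWN have no readable version header and need a manual check rather than being assumed safe.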
WordPress is a popular CMS that website administrators use worldwide. Vulnerabilities regularly appear in the system, often as a result of plugins that are not completely watertight. It was recently revealed that at least three thousand websites are serving malware to users through a plugin that suffered from a security problem.