Get a Pentest and security assessment of your IT network.

Cyber Security

Critical vulnerability fixed in WordPress plugin with 800K installs

WordPress plugin NextGen Gallery has fixed two severe CSRF vulnerabilities to protect sites from potential takeover attacks. The vulnerabilities are rated as high and critical severity by Wordfence’s Threat Intelligence team. Attackers can exploit these flaws by tricking WordPress admins into clicking specially crafted links or attachments to execute malicious code in their browsers. Over 530,000 WordPress sites with active NextGEN Gallery installations potentially exposed to takeover attacks if attackers start exploiting the two bugs. The plugin was released in December, but it only has just over 266,000 new downloads until yesterday.

Source: https://www.bleepingcomputer.com/news/security/critical-vulnerability-fixed-in-wordpress-plugin-with-800k-installs/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation