Critical Flaw In WordPress Plugins Poses Risk Of Site Takeover
Critical Flaw In WordPress Plugins Poses Risk Of Site Takeover
Summary:
A critical security vulnerability, identified as CVE-2024-2172 in WordPress, urges users utilizing miniOrange’s Malware Scanner and Web Application Firewall plugins to uninstall these plugins from their websites. This vulnerability enables unauthorized attackers to gain administrative privileges by altering the user password.
Threat Level – Red | Vulnerability Report
For a detailed threat advisory, download the pdf file here
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.