security

This top WordPress plugin has a major security flaw – and there's no … – TechRadar


A popular plugin for the WordPress website builder appears to be carrying a major flaw that could allow threat actors to steal sensitive data from the website’s database. 

Research by Plugin Vulnerabilities, a platform that analyzes the security of WordPress plugins found that the developer of WP Fastest Cache (a WordPress plugin with more than a million installs) recently committed a change to the plugin in the Subversion repository underlying the WordPress Plugin Directory. This fix addressed an SQL injection vulnerability that allowed threat actors to run arbitrary SQL code on the website, effectively allowing them to read the contents of the WordPress database.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.