Thousands of websites run buggy WordPress plugin that allows complete takeover - The Register
7/15/2022 12:00:00 AM3 years 7 months ago
by Jessica Lyons Hardcastle
by Jessica Lyons Hardcastle
All versions are susceptible, there's no patch, so now's a good time to remove this add-on
Miscreants have reportedly scanned almost 1.6 million websites in attempts to exploit an arbitrary file upload vulnerability in a previously disclosed buggy WordPress plugin. Traced as CVE-2021-2428… [+2913 chars]
full article...