Don’t use this plug-in with WP 7.4 or WP 7.4.1
-
If you are using this plug-in you must upgrade to WordPress 7.4.2 to avoid a major security issue!
Background: The WordPress REST API of v4.7 and v.4.7.1 has a leak allowing attackers to post without being logged in. If these attackers use the shortcode of this plug-in then they can even insert their own PHP code.
Read more here: https://blog.sucuri.net/2017/02/rce-attempts-against-the-latest-wordpress-rest-api-vulnerability.html
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘Don’t use this plug-in with WP 7.4 or WP 7.4.1’ is closed to new replies.
