The Latest in IT Security

Hackers Start Exploiting Recent Vulnerabilities in Thrive Theme WordPress Plugins

25
Mar
2021
Hackers Start Exploiting Recent Vulnerabilities in Thrive Theme WordPress Plugins

image credit: pxhere

The Thrive Themes represent a collection of themes and plugins that provide WordPress administrators with the means to quickly customize their websites.

Two vulnerabilities that the Thrive Themes team addressed earlier this month are currently being targeted in live attacks to upload arbitrary files to vulnerable websites, and provide attackers with backdoor control to them.

The most important of the bugs is a critical (CVSS score of 10) unauthenticated arbitrary file upload and option deletion vulnerability that affects all Thrive Theme’s Legacy Themes. The flaw exists because the Legacy Themes include an insecurely implemented function to automatically compress images during uploads.

Read More

Comments are closed.

Categories

MONDAY, APRIL 19, 2021
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments