Cybersecurity researchers from Patchstack recently discovered a high-severity flaw in a popular extension for WordPress, which allows threat actors to exfiltrate sensitive information from vulnerable websites. The vulnerability is tracked as CVE-2023-40004, and is described as allowing unauthenticated users to access and tweak token configurations. The flaw was found in an extension called All-in-One WP […]
Posts Tagged ‘wordpress plugin’
WordPress recently force-installed a patch on more than five million websites in an attempt at keeping them safe from a newly discovered, high-severity flaw. The flaw was found in Jetpack, one of the most popular plugins for the famed website builder, which offers additional security, performance, and website management capabilities. Read More
06
May
2023
Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue, assigned the identifier CVE-2023-30777, relates to a case of reflected cross-site scripting (XSS) that could be abused to inject arbitrary executable scripts into otherwise benign websites. The plugin, which is available […]
FRIDAY, APRIL 26, 2024
WHITE PAPERS
Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...
ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...
Latest Comments