Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site


Last week The Hacker News received a tip about an unpatched vulnerability in the WordPress core, which could allow a low-privileged user to hijack the whole site and execute arbitrary code on the server.

Discovered by researchers at RIPS Technologies GmbH, the “authenticated arbitrary file deletion” vulnerability was reported 7 months ago to the WordPress security team but remains unpatched and affects all versions of WordPress, including the current 4.9.6.

Related posts

Instagram Back Online After Worldwide Outage

ROTechnica

Google removes stalkerware apps from the Play Store

ROTechnica

Microsoft’s Chromium-based Edge Browser now available for download

ROTechnica

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.