Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site


Last week The Hacker News received a tip about an unpatched vulnerability in the WordPress core, which could allow a low-privileged user to hijack the whole site and execute arbitrary code on the server.

Discovered by researchers at RIPS Technologies GmbH, the “authenticated arbitrary file deletion” vulnerability was reported 7 months ago to the WordPress security team but remains unpatched and affects all versions of WordPress, including the current 4.9.6.

Related posts

Facebook Messenger gets an Unsend feature

Akoji Francis

If you use Twitter, reset your password now

ROTechnica

Bitcademy starts STO

ROTechnica

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.