If you haven’t updated your WordPress website since October 2013, this wouldn’t affect you, but we strongly hope that is not the case! There’s a new object injection vulnerability which affects WordPress versions 3.7 to 5.7.1. Be sure to get updated to 5.7.2 as soon as possible!
According to WPScan, the new object injection vulnerability is due to versions of PHPMailer library between 6.1.8 and 6.4.0. The original CVE can be found here.
Highlights for June 2020 Cross site scripting is still the most common vulnerability in WordPress Plugins. Bad actors are taking…
Read Story
Contact Form 7, arguably the most widely used WordPress plugin, released a security patch for an unrestricted file upload vulnerability…
Read Story
For the love of God make it stop..how to remove the linetoadsactive redirect (and others) *This guide is for removing…
Read Story