The Hacker News - WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins
Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks. The flaw, tracked as CVE-2024-11972 (CVSS score: 9.8), affects all versions of the plugin prior to 1.9.0. The plugin has over 10,000 active installations. "This flaw poses a significant security risk, as it
from The Hacker News https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html
from The Hacker News https://thehackernews.com/2024/12/wordpress-hunk-companion-plugin-flaw.html
Comments
Post a Comment