Popular WordPress Plugin Allows for Passwordless Admin Logins

2020-1-17 06:30

WordPress is one of the most commonly used CMS in the world. Many blog owners, as well as several online shops, make use of this technology.

Security researchers have come across a new security vulnerability that can have massive consequences.

WordPress Plugin Poses Major Security Threat

Through this exploit, hackers can log in as an administrator without using a password. 

The vulnerability in question can be found in the InfiniteWP Client.

That plugin’s code contains some flaws that the developers will hopefully address pretty quickly. 

Considering how over 300,000 utilize this plugin, the consequences can be pretty dramatic if left unchecked.

This plugin is crucial to a lot of people, as it allows for the management of multiple WordPress sites in one go. 

Thankfully, a patch has been released by the developers, albeit it is still up to site owners to update it accordingly. 

It will probably not be the last time criminals will exploit weaknesses in WordPress plugins either.

Site owners not upgrading the plugin run the risk of someone defacing their site or simply deleting everything.

This exploit can also be used to redirect customers to fake checkout pages, or gain access to the payment information 

It is the second time an passwordless admin login solution has been discovered in WP plugins in recent months. 

Interestingly enough, both plugins are created by the same developer. 

Image(s): Shutterstock.com

The post Popular WordPress Plugin Allows for Passwordless Admin Logins appeared first on NullTX.

Similar to Notcoin - TapSwap on Solana Airdrops In 2024

origin »

Dollar Online (DOLLAR) на Currencies.ru

$ 0.0024551 (+0.00%)
Объем 24H $0
Изменеия 24h: 0.00 %, 7d: 3.00 %
Cегодня L: $0.0024551 - H: $0.0024551
Капитализация $1.851k Rank 99999
Доступно / Всего 753.776k DOLLAR

security wordpress technology use shops online consequences

Источник: nulltx.com

security wordpress → Результатов: 3


Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

More Utility For Dogecoin As WordPress Websites Can Now Accept DOGE Payments

Dogecoin has added another utility to its belt. The meme coin which has been a fan favorite has been gaining ground recently in terms of payment capability. Its community of avid supporters has been leading the charge with this and now, another developer has released a new plugin that would allow hundreds of millions of […]

Ripple: Coil добавляет плагин WordPress и интегрирует кошелек Uphold

Поддерживаемая Ripple платформа веб-монетизации Coil объявила о добавлении плагина WordPress и интеграции кошелька Uphold. Ripple: Coil добавляет плагин WordPress и интегрирует кошелек Uphold. Детали Во вторник, 19 мая, поддерживаемая Ripple платформа Coil представила два новых дополнения к своей экосистеме: плагин...

WordPress Hackers Hit 900,000 Sites in a Week

A new wave of hacks has struck nearly a million WordPress websites in a single week in late April and early May. For months now, news of WordPress websites being flawed or targeted by attacks has been making headlines.

55% of Discovered Weaponized Bugs Target WordPress and Apache Struts

Over the last 10 years, more than half of all the security bugs that were weaponized were for two application frameworks – Apache Struts and WordPress. A recent study focused on analyzing all the vulnerabilities disclosed over the past decade resulted in quite an interesting discovery.