WordPress exposes plug-in vulnerabilities, allowing any user to take over the website and download wordpress

2 minutes
three hundred and five
zero

Users who use WordPress to manage their websites are likely to find the recently exposed security vulnerability in one of the plug-ins. one

Users who use WordPress to manage their websites are likely to find the recently exposed security vulnerability in one of the plug-ins. A security researcher from WebARX has just discovered a flaw in the "Simple Social Buttons" plug-in. This plug-in is designed to facilitate webmasters to embed social sharing buttons on SNS platforms such as Facebook or Twitter in articles, comments, or other parts of the website.

However, the newly exposed vulnerability allows any user who can create a new account on the website to use it to access "settings that can usually only be removed by the administrator". In other words, an attacker with ulterior motives can take over the website through this plug-in.

Security researchers pointed out that up to now, the WPBrigade simple social sharing button plug-in has been downloaded more than 500000 times. WordPress claims that it has been adopted by more than 40000 websites.

Simple Social Buttons Exploit PoC by WebARX( via )

This means that many websites built on the platform may have been affected by the vulnerability. Fortunately, security researchers reported this problem to WordPress last week, and the official released an update the next day.

Of course, in order to ensure security, please be sure to upgrade the plug-in to the latest version 2.0.22.

[Compiled from: Neowin]

[Source: cnBeta. COM]

This article is written by: Chief Editor Published on Software Development of Little Turkey , please indicate the source for reprinting: //hongchengtech.cn/blog/1221.html
Kuke_WP editor
author

Related recommendations

1 year ago (2024-02-20)

Industry Fit! Preferred element of WMS warehouse management system, wms warehouse software

Enterprise managers often think that warehouses are inefficient, high cost places, and belong to heavy asset operations. With the development of enterprise business, if the warehouse needs to be expanded in traditional ways, the cost is relatively high. At the same time, it also faces problems such as lack of operating experience. In the operation link, the process of warehouse, allocation, human resource matching and management is very complicated, and the team's professional ability is also highly required
seven hundred and eighty-three
zero
1 year ago (2024-02-19)

Supply chain billing system management (I): system overview, what are the supply chain management fees

In recent years, with the continuous development of e-commerce industry and increasing business, everyone has started to distribute goods online, and the supply chain billing system needs to manage more and more things. How to manage the billing system? The author summarizes some contents about settlement based on his own practical experience, hoping to enlighten you. After working on the warehouse management system for several years, I was transferred to work as a supplier
five hundred and fifty-six
zero
1 year ago (2024-02-19)

Multi merchant system management - store background design, what is the meaning of multi merchant classification

Simply understood, multi merchants are a large mall. The platform can manage merchants who settle in the mall. The merchants who settle in the mall have independent backstage. They can log in and add goods to the shelves by themselves, manage stores by themselves and other information functions. Then how to design the backstage of the store? Let's see the author's sharing. I hope it can help you. 1、 Introduction The backstage of the store is an important part of the e-commerce platform
six hundred and forty-eight
zero
1 year ago (2024-02-19)

Jiangyang District of Luzhou City took the lead in the city's full coverage training on domestic waste classification management regulations, Luzhou waste treatment

Source: Original Draft On January 10, the People's Congress of Jiangyang District, Luzhou City and the District Government jointly carried out a training on the regulations of the Regulations on the Classified Management of Domestic Waste in Luzhou City (the Regulations for short), and invited Lei Zhengyun, the chairman of the Legislative Affairs Committee of the Municipal People's Congress, to give a live lecture, so as to guide the comprehensive and systematic grasp of the contents and legal functions and responsibilities of the Regulations, deeply understand the specific specifications of the Regulations, and quickly set off
three hundred and seventeen
zero
1 year ago (2024-02-19)

Simeng CMS (smcms) content management system, Simeng Central Primary School

SMCMS (Simon CMS) is a content management system developed based on the microbee http rapid development framework. Product development follows the concept of simplicity, security, high concurrency and efficiency. Enterprise level web content management software for high-end users is designed to help users solve the increasingly complex and important web content creation, maintenance, publishing and response
three hundred and sixty-one
zero
1 year ago (2024-02-19)

Does the website have to install a content management system?, What apps are needed to install software on the website

1: The role of the website is to let companies or enterprises display their own windows, but also to let more customers or potential customers know their work and products. Through the website, customers can understand their products and services more intuitively, and can also provide more services to meet customer needs. 2: The role of the content management system The content management system can help
four hundred and fifty-six
zero

comment

0 people have participated in the review

Scan code to add WeChat

contact us

WeChat: Kuzhuti
Online consultation: