Post Grid WordPress Plugin Flaws Allow Site Takeovers – Threatpost

mblog.my October 6, 2020 Wordpress News Leave a comment 1,046 Views

[ad_1]

Team Showcase, a sister plugin, is also vulnerable to the XSS and PHP object-injection bugs — together they have 66,000 installs.

Two high-severity vulnerabilities in Post Grid, a WordPress plugin with more than 60,000 installations, opens the door to site takeovers, according to researchers. To boot, nearly identical bugs are also found in Post Grid’s sister plug-in, Team Showcase, which has 6,000 installations.

The issues are a cross-site scripting (XSS) flaw as well as a PHP object-injection issue. Both bugs are pending CVE…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by Coldfusion Hosting
© Copyright 2024, All Rights Reserved