WordPress File Management Plugin Riddled with Critical Bugs – Threatpost

[ad_1]

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution.

A critical cross-site scripting (XSS) bug impacts WordPress sites running the Frontend File Manager plugin and allows remote unauthenticated users to inject JavaScript code into vulnerable websites to create admin user accounts.

The bug is one of six critical flaws impacting the WordPress plugin Front File Manager versions 17.1 and 18.2, active on more than 2,000 websites. Each of the flaws, publicly disclosed Monday, have available…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *