WordPress security plugin Hide My WP addresses SQL injection, deactivation flaws

mblog.my November 25, 2021 Wordpress News Leave a comment 394 Views

[ad_1]

Bugs deemed ‘very easy to exploit as they require no prerequisites’

WordPress security plugin Hide My WP addresses SQL injection, deactivation flaws

Hide My WP, a popular WordPress security plugin, contained a serious SQL injection (SQLi) vulnerability and a security flaw that enabled unauthenticated attackers to deactivate the software.

Now patched, the bugs were discovered by Dave Jong, CTO of WordPress-focused bug hunting platform Patchstack, during an audit of plugins on a customer’s website.

The SQLi “is pretty severe”, Jong told The Daily Swig. “It allows anyone to extract information from the database, it has no…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by Coldfusion Hosting
© Copyright 2024, All Rights Reserved