Critical RCE Flaws in ‘PHP Everywhere’ Plugin Affect Thousands of WordPress Sites

[ad_1]

WordPress

Critical security vulnerabilities have been disclosed in a WordPress plugin known as PHP Everywhere that’s used by more than 30,000 websites worldwide and could be abused by an attacker to execute arbitrary code on affected systems.

PHP Everywhere is used to flip the switch on PHP code across WordPress installations, enabling users to insert and execute PHP-based code in the content management system’s Pages, Posts, and Sidebar.

Automatic GitHub Backups

The three issues, all rated 9.9 out of a maximum of 10 on the CVSS rating system, impact versions 2.0.3 and below, and are as follows –

  • CVE-2022-24663 – Remote…
[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *