[ad_1]
Security firm WordFence has warned of an actively exploited vulnerability in a widely-used WordPress plugin that could leave websites totally exposed to hackers.
WPGateway is a paid plugin that gives WordPress users the ability to manage their website from a centralised dashboard. The flaw, designated CVE-2022-3180, allows for threat actors to add their own profile with administrator access to the dashboard, and completely take over a victim’s website.
WordFence, which provides a firewall service for WordPress websites, released a rule to block the exploit for paying customers on its…
More Info
