Critical WordPress plugin bug allows for automated takeovers

Attackers can exploit a critical vulnerability in the WP Product Review Lite plugin installed on over 40,000 WordPress sites to inject malicious code and potentially take over vulnerable websites.

WP Product Review Lite helps site owners to quickly create custom review articles using pre-defined templates.

The plugin comes with support for including affiliate links, rich snippets, review widgets, as well as for buy buttons for additional monetization streams.

Persistent XSS leading to site takeover

The WP Product Review Lite bug found by the Sucuri Labs research team can be remotely…

More Info


Check Also

Why do you need Themesinfo WordPress theme detector?

When you are taking steps to build your websites, there are specific modern tools available. …