High Severity Vulnerability Patched in WordPress Download Manager Plugin Installed On 100,000 Websites – Tech Business News

On July 8, 2022 the Wordfence Threat Intelligence team initiated the responsible disclosure process for a vulnerability discovered in “Download Manager,” a WordPress plugin that is installed on over 100,000 sites.

This flaw makes it possible for an authenticated attacker to delete arbitrary files hosted on the server, provided they have access to create downloads.

If an attacker deletes the wp-config.php file they can gain administrative privileges, including the ability to execute code, by re-running the WordPress install process.

Wordfence Premium, Wordfence Care, and Wordfence…


More Info

About mblog.my

Check Also

Re-Creating The New York Times’ Website in Under 30 Minutes Using WordPress.com – WordPress.com News

Re-Creating The New York Times’ Website in Under 30 Minutes Using WordPress.com – WordPress.com News

Using WordPress blocks and the Site Editor to quickly build a lookalike of one of …

Leave a Reply

Your email address will not be published. Required fields are marked *