PHP Everywhere RCE flaws threaten thousands of WordPress sites

mblog.my February 10, 2022 Wordpress News Leave a comment 448 Views

[ad_1]

WordPress logo

Researchers found three critical remote code execution (RCE) vulnerabilities in the ‘PHP Everywhere’ plugin for WordPress, used by over 30,000 websites worldwide.

PHP Everywhere is a plugin that allows WordPress admins to insert PHP code in pages, posts, the sidebar, or any Gutenberg block, and use it to display dynamic content based on evaluated PHP expressions.

Three RCE flaws

The three vulnerabilities were discovered by security analysts at Wordfence and can be exploited by contributors or subscribers, affecting all WordPress versions from 2.0.3 and below.

Here’s a short description…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by Coldfusion Hosting
© Copyright 2024, All Rights Reserved