Vulnerability in WordPress plugin TI WooCommerce Wishlist could allow full site takeover

Flaw in popular add-on allows any logged-in customer to achieve admin status

A critical vulnerability in a WordPress plugin with more than 70,000 active installations could grant an attacker full administrative access, including the ability to modify and takeover a site’s database.

The bug in TI WooCommerce Wishlist has been patched in the latest version (1.21.12). Users are being urged to update as soon as possible, as the vulnerability is currently being exploited in the wild.

Security researchers from NinTechNet described how a lack of a…

More Info


Check Also

AudioDots Launches a TTS WordPress plugin

Text-to-Speech Solution is now available for WordPress based news publications, easily streaming audio to users …

Leave a Reply

Your email address will not be published. Required fields are marked *