29 July 2020 at 11:19 UTC
Updated: 29 July 2020 at 11:20 UTC
Critical bug in wpDiscuz add-on has now been patched
A critical vulnerability in a WordPress plugin with more than 80,000 active installations allowed unauthenticated attackers to take full control of a target website.
The security flaw, present in wpDiscuz comment plugin, enabled attackers to upload arbitrary files in order to achieve remote code execution (RCE) on a vulnerable site’s backend server.