WordPress security: More than 600,000 sites hit by blind SQLi vulnerability in WP Statistics plugin

Sensitive database data at risk if webmasters fail to update systems

WP Statistics, a popular web analytics plugin for WordPress, contained a time-based blind SQL injection vulnerability that, if exploited, could result in sensitive information being exfiltrated from a site’s database.

Webmasters of WordPress sites running the open source plugin, which number more than 600,000, have been urged to update their systems as soon as possible.

The nature of the high severity (CVSS score 7.5) pre-authenticated vulnerability (CVE-2021-24340) means…


More Info

About mblog.my

Check Also

The WordPress Community Comes Together in Taipei – WordPress.com News

The WordPress Community Comes Together in Taipei – WordPress.com News

Taking a look at WordPress.com’s presence at WordCamp Asia 2024 in Taipei, Taiwan. This year’s …

Leave a Reply

Your email address will not be published. Required fields are marked *