February 18, 2020 –
The WordPress plugin WP Central is installed on more than 60,000 websites worldwide and contains a gaping security hole. A patch is available, users are strongly encouraged to apply it.
Wordfence security guards have discoveredthat a big security leak is hidden in the WordPress plugin WP Central. The plugin, which allows the management of several blogs, is installed on over 60,000 websites worldwide. The security vulnerability apparently allows the rights on the homepage to be overridden and an administrator account to be accessed relatively easily.
Wordfence sent the proof of concept (see video below) to the developer on February 13th, who responded promptly and immediately released a patch. The plugin is now available in version 1.5.2. WP Central users are urged to open the plugin immediately to play on their WordPress site in the new version,
(Win)
– ,
