Tuesday, February 19, 2019
Home Entertainment The WordPress plugin Simple Social Buttons bug allows the complete adoption of...

The WordPress plugin Simple Social Buttons bug allows the complete adoption of the site

0
28


A critical vulnerability in the WordPress plugin Simple Social Buttons allows an attacker to completely take over a website.

The plugin allows users to add social sharing buttons in the sidebar, inline, above, and below the post content, photos, pop-ups, and fly-ins.

The error is the result of a faulty design flow and the lack of an authorization check that causes escalation of permissions and unauthorized actions in the WordPress installation, causing users or administrators who are not administrators to see the WordPress installation options in the table " wp-options "can change according to a WebARX blog post from February 11th.

The issue was discovered and reported on February 7th and patched the next day. Users should upgrade to the latest version as soon as possible because the plugin versions were 2.0.4 and earlier than 2.0.22.




Next post in the safety news

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.