When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
The flaw consisted of an object injection vulnerability in the Better Search Replace WordPress plugin.
To exploit the vulnerability, however, certain conditions must first be met.
The vulnerability can then be used to trigger the POP chain into performing malicious actions.
Users are advised to update their plugin to version 1.4.5. as soon as possible.
As awebsite builder, WordPress is generally considered safe.
The plugins, most of which are built by third parties, not so much.
Many of them are non-commercial, developed by a small team and often not properly maintained.
That makes them an ideal candidate to serve as a gateway for breaches and other malicious activity.
ViaBleepingComputer
