Millions of WordPress sites get forced update to patch critical plugin flaw
21 Feb
2022
21 Feb
'22
11:16 a.m.
'Millions of WordPress sites have received a forced update over the past day to fix a critical vulnerability in a plugin called UpdraftPlus.
The mandatory patch came at the request of UpdraftPlus developers because of the severity of the vulnerability, which allows untrusted subscribers, customers, and others to download the site’s private database as long as they have an account on the vulnerable site. Databases frequently include sensitive information about customers or the site’s security settings, leaving millions of sites susceptible to serious data breaches that spill passwords, user names, IP addresses, and more.'
-- source: https://arstechnica.com/information-technology/2022/02/millions-of-wordpress...
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174 (office)
+64 (7) 577-5304 (home office)
https://www.cs.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/
873
Age (days ago)
873
Last active (days ago)
0 comments
1 participants
participants (1)
-
Peter Reutemann