Wednesday, October 4, 2017

3 Zero-Day Plugin Vulnerabilities Exploited In The Wild

According to security company Wordfence's blog post hackers have been exploiting three zero-days to install backdoors on WordPress sites. The zero-days affect three WordPress plugins which are Appointments, Flickr Gallery and RegistrationMagic-Custom Registration Forms.

Affected versions:
-Appointments earlier than version 2.2.2
-Flickr Gallery earlier than version 1.5.3
-RegistrationMagic-Custom Registration Forms earlier than version 3.7.9.3



More information in the Wordfence blog.

Sites using affected plugins should update to the latest versions available. Also, it's recommended to disable those plugins that are not needed.

No comments: