Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

jeudi 30 juillet 2020

Critical Wordpress Plugin Vulnerability (CERT-EU Security Advisory 2020-038)

On 19th of June, Wordfence Threat Intelligence team discovered a vulnerability that affects Wordpress plugin Comments – wpDiscuz. This flaw gives unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site’s server. According to Wordfence, the security flaw is rated as critical severity with a CVSS base score of 10.0.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 142


Événements SSI