On 19th of June, Wordfence Threat Intelligence team discovered a vulnerability that affects Wordpress plugin Comments – wpDiscuz. This flaw gives unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site’s server. According to Wordfence, the security flaw is rated as critical severity with a CVSS base score of 10.0.
Lien vers l'article source