[Aug 17, 2018]
A severe WordPress vulnerability which has been left a year without being patched has the potential to disrupt countless websites running the CMS, researchers claim.
Researchers say the PHP security flaw could leave countless WordPress websites open to exploit.
These flaws may only originally result in information disclosure and may be low risk; they can act as a pathway to a more serious remote code execution attack.
The WordPress content management system (CMS) is used by millions of webmasters to manage domains, which means the vulnerability potentially has a vast victim pool should the flaw being exploited in the wild.
Cyber Security Tips:
- Users are urged to continuously check & install Security updates for theirs WordPress sites as per the WordPress Security Advisory.