Vulnerability in in WordPress Plugin wpCentral

[German]Security experts from WordFence discovered a vulnerability in the WordPress plugin wpCentral on February 13, 2020, which allows blogs to be taken over.


Advertising

The WordPress plugin wpCentral is installed on more than 60,000 websites and allows the central administration of several blogs via a dashboard. I had already thought about using it for my blogs, but I discarded this idea (I want to keep the number of plugins to a minimum).

The vulnerability in wpCentral discovered on February 13, 2020 allowed any registered user to extend his privileges to those of an administrator, including users at the subscriber level. The vulnerability also allowed remote control of the site through the wpCentral administrative dashboard.

This is a high-level security issue that could have serious implications for WordPress sites. WordFence specialists strongly recommend that you upgrade to the latest version 1.5.2 immediately. More details can be found in this blog post.


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *