Vulnerability in WPvivid Plugin could expose Wordpress Files
The vulnerability of the WPvivid plugin is that it can open Wordpress files
Researchers have found a major vulnerability in the WPvivid Software plugin that has threatened multiple WordPress sites. When used, this vulnerability can attack the attacker against all elements of the target website.
WPvivid Deactivated WordPress Software The WebARX security team has mentioned the vulnerability of the WPvivid WordPress Backup plugin. At their discretion, a malicious error will allow an authorized user to interfere with the default recovery time.
The most vulnerable feature of wp_ajax without the permission check is wp_ajax_wpvivid_add_remote. This will allow any authorized user, regardless of their performance, to add a new copy to the existing one and make it look like a default storage batch. This can lead to a backup of the new default setting set by the enemy you are running the plugin on.
Not only will this required release of additional website data files, but it can also lead to loss of data. In addition, the participant will also be encouraged to encourage the site administrator to work on the plugin. Scientists resolve the bugs After discovering the vulnerability, researchers generate developers to inform them of the failure. So, this user group fixes the bug by releasing the WPvivid Backup Plugin version 0.9.36. According to the entry page, WPvivid Backup has more than 40,000 active entries. This is because the CSRF vulnerability mentioned above is said to threaten the security of thousands of websites. As for the patch work, the researchers said, we see that the Ajax_check_security call has been added in many places. This function will check the accuracy of the removal point and check the user's performance. Since the site has been released, the appropriate administrators must ensure that they have installed the plug-in. The WPvivid Backup Plugin is a comprehensive solution to support, restore and move WordPress sites.
0 Comments
We love comments! We appreciate your queries but to protect from being spammed, all comments will be moderated by our human moderators. Read our full comment policy here.
Let's enjoy a happy and meaningful conversation ahead!