Owners of WordPress sites who use the Contact Form 7 Datepicker plugin are urged to remove or deactivate it to prevent attackers from creating rogue admins or taking over admin sessions after exploiting an authenticated stored cross-site scripting (XSS) vulnerability. […]
The post WordPress Plugin Bug Can Be Exploited to Create Rogue Admins appeared first on Secure Hunter Anti-Malware.
https://ift.tt/3bDU8FY
Secure Hunter
No comments:
Post a Comment