Critical WordPress Plugin RCE Vulnerability Impacts 100k+ Sites
Posted: Wed Jan 22, 2025 3:54 pm
A severe security flaw has been discovered in GiveWP, a popular WordPress donation plugin with over 100,000 active installations.
The vulnerability, classified as an unauthenticated PHP Object Injection leading to Remote Code Execution (RCE), was responsibly reported through the Wordfence Bug Bounty Program on May 26th, 2024.
https://cybersecuritynews.com/wordpress ... erability/
The vulnerability, classified as an unauthenticated PHP Object Injection leading to Remote Code Execution (RCE), was responsibly reported through the Wordfence Bug Bounty Program on May 26th, 2024.
https://cybersecuritynews.com/wordpress ... erability/