Techly NewsGet the app

Get the latest tech news

Critical WordPress plugin vulnerability under active exploit threatens thousands


Vulnerability with severity rating of 9.8 out of possible 10 still live on >8,000 sites.

“This vulnerability represents a significant and multifaceted threat, targeting sites that use both a ThemeHunk theme and the Hunk Companion plugin,” Daniel Rodriguez, a researcher with WordPress security firm WP Scan, wrote. Rodriguez said the vulnerability stemmed from a flaw in Hunk Companion code that allowed “unauthenticated requests to bypass the intended checks” that led to the “installation and activation of arbitrary plugins.” Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords.

Get the Android app

Or read this on ArsTechnica

Read more on:

Photo of Thousands

Thousands

Photo of vulnerability

vulnerability

Photo of active exploit

active exploit

Related news:

News photo

OpenAI CFO Thinks Business Users Will Pay Thousands Monthly for AI Tools

News photo

Airline informant received thousands from passenger cash seizures

News photo

If you can make this AI bot fall in love, you could win thousands of dollars

« New stealthy Pumakit Linux rootkit malware spotted in the wild
American cops are using AI to draft police reports, and the ACLU isn't happy »