Advertisement
Top
image credit: Pixabay

Over 200K WordPress sites potentially exposed to hack due to Code Snippets flaw

January 30, 2020

Via: Security Affairs
Category:

A high severity cross-site request forgery (CSRF) bug, tracked as CVE-2020-8417, in Code Snippets plugin could be exploited by attackers to take over WordPress sites running vulnerable versions of the Code Snippets plugin.

The plugin allows users to execute code without adding custom snippets to their theme’s functions.php file.

Code Snippets also implements a graphical interface, similar to the Plugins menu, for managing snippets. Snippets can can be activated and deactivated, just like plugins.

Read More on Security Affairs

RELATED PUBLICATIONS

Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability

Latest Publications

AI set to play key role in future phishing attacks
U.S. Gov imposed Visa restrictions on 13 individuals linked to commercial spyware activity
5 Hard Truths About the State of Cloud Security 2024
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!