Security News > 2020 > January > Update now! Popular WordPress plugins have password bypass flaws
2020-01-16 13:47
Researchers have discovered password bypass vulnerabilities affecting two WordPress plugins from a publisher called Revmakx.
The first vulnerable plugin is RevMakx's InfiniteWP Client, a tool that allows admins to manage multiple WordPress sites from the same interface.
Updating is most easily achieved from the Plugins tab in the WordPress dashboard.
There you can see which plugins have updates available, after which it's a matter of hitting Update now to install the new versions.
Blogging software such as WordPress can keep itself updated, but you need to keep track of the plugins yourself.