Security News > 2020 > March > Popular ThemeREX WordPress Plugin Opens Websites to RCE
A critical vulnerability in a WordPress plugin known as "ThemeREX Addons" could open the door for remote code execution in tens of thousands of websites.
The plugin, which is installed on approximately 44,000 sites, is used to apply various "Skins" that govern the look and feel of web destinations, including theme-enhancing features and widgets.
To provide compatibility with WordPress' Gutenberg plugin, the ThemeREX Addons plugin uses an API, according to Wordfence researcher Chloe Chamberland, writing in a blog posting on Monday.
Php" file to register an endpoint, which in turn calls the "Trx addons rest get sc layout" function.
Further down in the code, there's also a functionality used to get parameters from widgets that work with the Gutenberg plugin.