Security News > 2023 > December > WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
2023-12-08 09:23
WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites. "A remote code execution vulnerability that is not directly exploitable in core; however, the security team feels that there is a potential for high severity when combined with some plugins,
News URL
https://thehackernews.com/2023/12/wordpress-releases-update-642-to.html
Related news
- Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks (source)
- Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)