Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

2024-11-18 04:52

A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site. The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The

News URL

https://thehackernews.com/2024/11/urgent-critical-wordpress-plugin.html

#critical #vulnerability #wordpress #CVE-2024-10924

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-15	CVE-2024-10924	The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. CWE-288	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Wordpress		49	36	410	104	29	579
Plugin		2	0	13	0	0	13

News URL

Related news

Related Vulnerability

Related vendor