[WordPress Security] Serious Vulnerability in the WPML Plugin

DanN

Web Designer
Registered
Full Member
Freelancer
Web Designer
Several serious vulnerabilities have been disclosed in the WPML plugin for WordPress. Jouko Pynnonen, the CEO of Finland-based IT company Klikki Oy disclosed the vulnerabilities earlier this week. They include:
  • SQL injection which gives full access to the WordPress database.
  • Page, post and menu deletion by an unauthenticated attacker.
  • Reflected XSS
  • Unauthenticated administrative functions.
SecurityWeek is also covering this issue.

What to do: Upgrade immediately to WPML version 3.1.9 which was released earlier this week and resolves these issues.

Regards,
Mark Maunder
Wordfence Founder & CEO
Nu am mai stat sa traduc aceasta notificare din partea Wordfence
 

Reclama

Stiri Monezi Virtuale

Reducere pentru Vacanta

Loading...
Sus