Quantcast
Channel: Daily Dark Web
Viewing all articles
Browse latest Browse all 868

A Threat Actor Alleged 0-Day Vulnerability in Popular WordPress Plugin

$
0
0

A threat actor claims to have discovered a 0-day vulnerability in a WordPress plugin with over 50 million downloads. This vulnerability exploits broken access control, letting attackers create admin users under certain conditions. The actor offers the vulnerability details for $500 and the exploit for $700, including a proof of concept.

The actor explains the low price by noting that the exploit requires specific admin panel actions, which users rarely do. The claims indicate a potential risk, but it’s unclear if they’re accurate or if patches exist to fix this issue.

The post A Threat Actor Alleged 0-Day Vulnerability in Popular WordPress Plugin appeared first on Daily Dark Web.


Viewing all articles
Browse latest Browse all 868

Trending Articles