all InfoSec news
Critical Privilege Escalation Vulnerability in Charitable WordPress Plugin Affects Over 10,000 sites
Malware Analysis, News and Indicators - Latest topics malware.news
On August 10, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in the Donation Forms by Charitable plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an unauthenticated attacker to grant themselves administrative privileges by supplying a role during a registration.
Wordfence Premium, Wordfence Care, and Wordfence Response users received a firewall rule to protect against any exploits targeting …
august charitable critical disclosure donation escalation forms intelligence plugin privilege privilege escalation process responsible responsible disclosure team threat threat intelligence unauthenticated vulnerability websites wordfence wordpress wordpress plugin