all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

PSA: Critical POP Chain Allowing Remote Code Execution Patched in WordPress 6.4.2

Add to bookmarks
Dec. 6, 2023, 9:13 p.m. | Ram Gall

Wordfence www.wordfence.com

WordPress 6.4.2 was released today, on December 6, 2023. It includes a patch for a POP chain introduced in version 6.4 that, combined with a separate Object Injection vulnerability, could result in a Critical-Severity vulnerability allowing attackers to execute arbitrary PHP code on the site. We urge all WordPress users to update to 6.4.2 immediately, ...
Read More


The post PSA: Critical POP Chain Allowing Remote Code Execution Patched in WordPress 6.4.2 appeared first on Wordfence.

attackers code code execution critical december injection object patch php pop psa remote code remote code execution result severity today version vulnerabilities vulnerability wordpress wordpress security

Visit resource

More from www.wordfence.com / Wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 22, 2024 to April 28, 2024) 1 day, 7 hours ago | www.wordfence.com
april bounty bug bug bounty +16
$197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin 4 days, 7 hours ago | www.wordfence.com
bounty bug bug bounty deletion +16
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024) 1 week, 1 day ago | www.wordfence.com
april bounty bug bug bounty +17
$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin 1 week, 3 days ago | www.wordfence.com
april bounty bug bug bounty +16
$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin 2 weeks ago | www.wordfence.com
bounty bug bug bounty disclosure +18
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024) 2 weeks, 1 day ago | www.wordfence.com
april bounty bug bug bounty +17
$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin 2 weeks, 2 days ago | www.wordfence.com
activity log bounty bug bug bounty +21
$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express … 2 weeks, 4 days ago | www.wordfence.com
bounty bug bug bounty can +19
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024) 3 weeks, 1 day ago | www.wordfence.com
april bounty bug bug bounty +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)

@ IREX | Ramallah, West Bank, Palestinian National Authority
View on infosec-jobs.com

Consultant(e) Junior Cybersécurité

@ Sia Partners | Paris, France
View on infosec-jobs.com

Senior Network Security Engineer

@ NielsenIQ | Mexico City, Mexico
View on infosec-jobs.com

Senior Consultant, Payment Intelligence

@ Visa | Washington, DC, United States
View on infosec-jobs.com

Corporate Counsel, Compliance

@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
View on infosec-jobs.com

Security Operations Engineer

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs