all InfoSec news
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
Malware Analysis, News and Indicators - Latest topics malware.news
On May 20, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a Privilege Escalation vulnerability in WPDeveloper’s ReviewX plugin, which is actively installed on more than 10,000 WordPress websites. This vulnerability makes it possible for an authenticated attacker to grant themselves administrative privileges via a user meta update.
Wordfence Premium, Wordfence Care, and Wordfence Response users received a firewall rule to protect against any exploits targeting this vulnerability on May 22, …
addresses administrative privileges disclosure escalation grant intelligence may plugin privilege privilege escalation privileges process responsible responsible disclosure team threat threat intelligence vulnerability websites wordfence wordpress wordpress plugin