来自MSN26 天
Another serious WordPress plugin vulnerability could put 40,000 sites at risk of attack
and then include the SVG file in a post, to run the code. The process makes RCE “relatively easy”, it added. The bug was first spotted in early January 2025, with Artbees coming back with a ...
Infosecurity-magazine.com28 天
WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack
The flaw allows attackers to upload specially crafted SVG files containing PHP code. By chaining this with a vulnerability in the get_svg() function ... was reported by the researcher stealthcopter on ...