CyberNews Briefs

Critical WordPress Bug Leaves 320,000 Sites Open to Attack

Infinite Client and WP Time Capsule, two WordPress plugins, contain vulnerabilities that leave sites open to attack. The bug is a critical authorization complication that allows adversaries access to the backend of a site without a password.

The attacker only needs the admin username for the WordPress plugins. Both of the plugins contain issues within their code. According to the WordPress plugin library, over 300,000 websites are using the InfiniteWP Client while 20,000 are using the WP Time Capsule plugin. The vulnerabilities were reported on January 7, and patches were released the next day. The bugs were announced publicly by WebArx earlier this week.

Read More: Critical WordPress Bug Leaves 320,000 Sites Open to Attack

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.