Critical WordPress Plugin Bug Lets Hackers Turn Users into Admins

A critical privilege escalation vulnerability found in the Rank Math WordPress SEO plugin can allow attackers to give administrator privileges to any registered user on one of the 200,000 sites with active installations if left unpatched. Read more

Read full article

Similar

Content Injection Vulnerability in WordPress

Technical details of the WordPress privilege escalation vulnerability in the REST API calls of WordPress 4.7 and 4.7.1, as discovered by our research team.

How to create a WordPress Theme using Webflow

A simple guide to making Wordpress themes using Webflow. (more…)

Using a GitHub Action to downgrade a WordPress plugin from PHP 7.4 to 7.1

PHP developers want to have access to the latest features of the language, but for various reasons, they may not be able to. It could be that the client’s server runs on an older version and can’t be upgraded, or the CMS must support legacy code, or the u... (more…)

Hackers are exploiting a critical flaw affecting over 350k WordPress sites

Flaw is in File Manager, a plugin with more than 700,000 users; 52% are affected. (more…)

Proof of Concept for “viewing unauthenticated posts” in WordPress 5.2.3

A couple of days Wordpress released 5.2.4 with a few security patches. Props to J.D. Grimes who found and disclosed a method of viewing unauthenticated posts. caught my attention, but I couldn't find a public Proof of Concept, so I set out to reverse engi... (more…)

Latest News

Facebook, Microsoft, Google and Amazon are snapping up Rust experts

Python Sorted Containers

How to Replace Bash with Python as Your Go-To Command Line Language