Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Critical remote code execution flaw found in WordPress plugin

Critical remote code execution flaw found in WordPress plugin

2014/12/04

Threatpost - (International) Researchers with Sucuri identified and reported a vulnerability in the WP Download Manager plugin for WordPress that could have allowed attackers to implant a backdoor or gain access to administrative accounts on vulnerable Web sites. The developers of WP Download Manager released an update to close the vulnerability the week of December 1.

Source: http://threatpost.com/critical-remote-code-execution-flaw-found-in-wordpress-plugin/109720

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:41