Contact Form

Name

Email *

Message *

Cari Blog Ini

Critical Flaw In Donation Plugin Exposed 100000 Wordpress Sites To Takeover

Critical WordPress Plugin Vulnerability Impacts Over 100,000 Websites

Overview

A severe vulnerability in the popular WordPress donation plugin, GiveWP, has been discovered, exposing over 100,000 websites to potential attacks.

The vulnerability, tracked as CVE-2024-5932, allows unauthenticated remote attackers to execute arbitrary code and delete files on affected websites.

Impact

This vulnerability could allow attackers to:

  • Take control of affected websites
  • Steal sensitive data, such as payment information and user credentials
  • Install malware and redirect visitors to malicious websites

The vulnerability affects all versions of GiveWP prior to 5.7.2.

Resolution

WordPress users are strongly advised to update GiveWP to version 5.7.2 or later immediately.

Here are step-by-step instructions to update GiveWP:

1. Log in to your WordPress dashboard. 2. Navigate to Plugins > Installed Plugins. 3. Find GiveWP in the list of plugins. 4. Click on the Update Now button.

If you are unable to update GiveWP, you can disable the plugin until a fix is available.

Additional Resources


Comments