On December 18, 2023, right before the end of Holiday Bug Extravaganza, we received a submission for a Local File Inclusion vulnerability in Shield Security, a WordPress plugin with more than 50,000+ active installations. It’s important to note that this vulnerability is limited to just the inclusion of PHP files, however, it could be leveraged by an attacker who has the ability to upload PHP files but can not directly access those files to execute.
You may also like
How to Add Categories and Tags to WordPress Media Library
Do you want to add categories and tags to images...
PeproDev CF7 Database Plugin Lets You Save Submissions Into WordPress Media
Plenty of people use Contact Form 7 to receive...