On October 5, 2022, the Wordfence Threat Intelligence team responsibly disclosed a Missing Authorization vulnerability in Blog2Social, a WordPress plugin installed on over 70,000 sites that allows users to set up post sharing to various social networks. Vulnerable versions of the plugin make it possible for authenticated attackers with minimal permissions, such as subscribers, to change the plugin’s settings.
You may also like
How to Test Your WordPress Theme Against Latest Standards
Do you want to see if your WordPress theme meets...
4 WordPress Plugins for Selling Domain Names
Domain names are pretty cheap to buy these days...
WordPress Vulnerability Report — May 1, 2024
In this report, 359 vulnerabilities have been...