On March 20, 2023, the Wordfence Threat Intelligence team began the responsible disclosure process for two vulnerabilities in Shield Security, a security plugin with over 50,000 installations. One of these vulnerabilities allowed unauthenticated attackers to inject malicious JavaScript into an administrator dashboard in some configurations, while another allowed authenticated attackers to spoof log entries into the same dashboard, which could also be used to exploit the first vulnerability in configurations where the unauthenticated technique was not viable.
You may also like
How To Build A Website With Elementor Website Builder For WordPress
In today’s digital age, having a website is no...
Patte WordPress Theme for Pet Shops
Here is another attractive WordPress theme for...
WP Downgrade: Downgrade to Previous WordPress Versions
Have you ever upgraded your WordPress site only...