[WordPress Security] Multiple Vulnerabilities in InfiniteWP Admin Panel
About an hour ago a researcher from the Netherlands disclosed multiple serious vulnerabilities
in the InfiniteWP Admin Panel. This panel is used to manage multiple
WordPress sites and appears to be used by over 300,000 customers. The
vulnerabilities include SQL injection and remote file upload
vulnerabilities.
InfiniteWP was notified
by the researcher and has released two fixes, the most recent of which
was released yesterday. However the researcher went ahead and disclosed
the vulnerabilities an hour ago on two security lists, which has given
very little time for customers to upgrade.
So we're sending this urgent security alert
to let any InfiniteWP Admin Panel customers know that they need to
upgrade immediately to avoid having the sites they manage with this
product exploited.
Original Source WordFence Security
Post a Comment