New WordPress plugin vulnerabilities are putting millions of websites at risk. Various security experts warned that these flaws could lead to massive user data leaks, allowing hackers and other cybercriminals to acquire essential data from consumers across the globe.
Based on their findings, WordPress is currently suffering from two vulnerabilities in the popular Ninja Forms plugin. They explained that Ninja Forms currently has more than one million websites under its installation base. about:blank
https://imasdk.googleapis.com/js/core/bridge3.482.0_es_419.html#goog_724541503The Whales of Hermanus!Copiar la url del videoReproducir / PausarSilenciar / Activar sonidoReportar un problemaIdiomaMox PlayerADVERTISEMENT
They added that these new security flaws appeared because the WordPress plugin usually relies on an unsafe implementation of the user permission checker mechanism, as explained by involved security researchers via BestGamingPro‘s latest report.
Millions of WordPress at Risk!
According to Tech Radar‘s latest report, the issue with WordPress plugins is on user permission activity. As of the moment, the popular platform relies on an insecure system that only checks if the consumer is logged in or not.
(Photo : Photo credit should read ISSOUF SANOGO/AFP via Getty Images)
A woman uses a laptop on April 3, 2019, in Abidjan. – According to the figures of the platform of the fight against cybercrime (PLCC) of the national police, nearly one hundred crooks of the internet, were arrested in 2018 in Ivory Coast, a country known for its scammers on the web, has announced on April 2, 2019 the Ivorian authority of regulation of the telephony.
Security experts explained that it could not check the correct permissions, which are usually triggered by the user’s digital activity on a website.
One of the major vulnerabilities it creates is allowing access to the account to export all the sensitive user data on a website. This simply means that if you left your account open on a certain device, people who have access to that gadget could easily release your data without being asked for the account owner’s permission.
As of the moment, WordPress is just one of the victims of the rising hacking industry. In other news, Fortinet VPN was also hit by a massive password leak. On the other hand, T-Mobile was hacked by a cybercriminal who could steal user data in just a week.
WordPress Consumers Now Urged To Update!
Wordfence’s cybersecurity experts are now urging WordPress consumers to update their accounts.
However, you need to know some important details before installing the platform’s latest security features. WordPress explained that once you upgrade your account or website, all your files will be affected.
These include videos, photos, documents, and other folders. To know more about the WordPress update, all you need to do is click this link. about:blank
For more news updates about WordPress and other platforms affected by major security flaws, always keep your tabs open here at TechTimes.