WordPress Plugin Exploit

November 13, 2018 - Less than a minute read

WordPress Plugin Exploit

Last week a WordPress plugin, WP GDPR Compliance, reported multiple vulnerabilities. The plugin, temporarily removed, is now available again. The vulnerability allowed cyber-criminals unauthenticated privilege escalation, allowing them to infect other vulnerable WordPress sites. The plugin, installed over 100,000 times, assists WordPress websites comply with the European Union’s GDPR privacy regulation.

WordPress makes managing a website simpler for small businesses. They do this by offering plugins, which allow for easy customization of the site. Like all third-party tools and products, they are susceptible to security vulnerabilities. Regularly updating plugins recommended. Regular updates for operating systems, software, firmware, plugins, and your apps is one of the best way to help cyber-secure a small business from cyber-criminals.