High Severity CSRF to RCE Vulnerability Patched in Code Snippets Plugin
On January 23rd, our Threat Intelligence team discovered a vulnerability in Code Snippets, a WordPress plugin installed on over 200,000 sites. The flaw allowed attackers to forge a request on behalf of an administrator and inject code on a vulnerable site. This is a Cross-Site Request (CSRF) to Remote Code Execution (RCE) vulnerability. We privately disclosed the full details of the issue to the plugin’s developer on January 24th, who was quick to respond and release a patch one day later.
Find out more on the blog: https://www.wordfence.com/blog/2020/0...
Watch video High Severity CSRF to RCE Vulnerability Patched in Code Snippets Plugin online, duration hours minute second in high quality that is uploaded to the channel Wordfence 28 January 2020. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 3,850 times and liked it 27 visitors.
