Home / Security / Security: Update This WordPress Plugin to Prevent a Site Takeover

Security: Update This WordPress Plugin to Prevent a Site Takeover

Security:

Security researchers discovered a severe vulnerability present in older versions of the popular WordPress plugin Code Snippets that could allow attackers to take over a person’s website remotely. The plugin’s developers have issued a patch to fix the bug, but there are still over 200,000 websites at risk.

Code Snippets allows WordPress sites to run small bits of PHP code to add extra features without needing extra plugins, and you can even use pre-written code to make the process easy. It’s a helpful tool for folks who may not have the programming skills to write plugins themselves, but as Threat Post explains in its report of the bug, Code Snippet’s import tool fails to check the source and safety of the code first, meaning users could unwittingly import and run malicious code. This could open their sites up to various attacks—including allowing hackers to execute commands without administrator access.

It’s a scary bug, but it’s fixable. If your WordPress page uses Code Snippets, you should update the plugin right away—especially before adding or running any new code to your site. You can grab the update by logging into your website’s backend then going to the “Updates” section from the WordPress dashboard. You can also download and install the latest version from Code Snippet’s WordPress P

Read More

About admin

Check Also

Security: Biden’s staff must delete TikTok from their personal and work phones

Security: Biden’s staff must delete TikTok from their personal and work phones

Staffers from Democrat Joe Biden’s presidential campaign must remove TikTok from personal and work phones, a campaign official told The Verge. That’s because of security concerns around the popular app. TikTok can access users’ clipboard content on iOS — potentially a problem for anyone using a password manager to log into secure accounts. Some politicians…

Leave a Reply

Your email address will not be published. Required fields are marked *