Saturday

Wordpress Security Alert


Wordpress Security Alert - Orbit Fox Plugin


Two vulnerabilities, one critical and one of medium severity, have been discovered

The Orbit Fox plugin contains security bugs that enable attackers to take control of a website or inject malicious code

According to the researchers, the vulnerability is contained within the Orbit Fox registration widget and allows lower-level users to gain administrator privileges

The flaw can be exploited because the plugin only provides client-side protection to prevent the role selector from being shown to low-level users

The second vulnerability found within Orbit Fox affects the plugin's header and footer script feature and allows threat actors to add malicious JavaScript to posts. This code then executes when a user visits the related webpage

These flaws have been fully patched in version 2.10.3. We recommend that users immediately update to the latest version available, which is version 2.10.3


Patch it if you use it!


-------------------------------------------------------------------

Web Hosting Problems?

GlobalResolution provides high performance, bespoke Hosting Solutions with emphasis on Security, uptime and expert support around the clock
 
Change can be difficult which is why we offer a 30 day free trial so you can dip your toe in the water before jumping in
 
We are more than happy to duplicate your site over for you without any downtime 


Click HERE for more information

-------------------------------------------------------------------

Know someone who uses Wordpress?

Maybe our regular updates will come in handy and be of benefit, give them a heads up!
https://mau.globalresolution.net/subscribe


Need to adjust your subscription?

We hope you continue wanting to receive our much loved WPMEMO,
if however you feel we are getting on your nerves you can easily unsubscribe to no longer receive emails from us


Unsubscribe to no longer receive emails from us.

No comments:

Post a Comment