PHP Everywhere RCE flaws threaten thousands of WordPress sites

Researchers found three critical remote code execution (RCE) vulnerabilities in the ‘PHP Everywhere’ plugin for WordPress, used by over 30,000 websites worldwide. PHP Everywhere is a plugin that allows WordPress admins to insert PHP code in pages, posts, the sidebar, or any Gutenberg block, and use it to display dynamic content based on evaluated PHP expressions.

Read full article on Bleeping Computer

 


Date:

Categorie(s):