Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
Hack Attack Alert: 150,000 WordPress Sites at Risk Due to Modern Events Calendar Flaw
Hackers are exploiting a vulnerability in the Modern Events Calendar WordPress plugin, affecting over 150,000 websites. CVE-2024-5441 allows arbitrary file uploads, risking remote code execution and site takeover. Update to version 7.12.0 immediately to avoid attacks.
Hot Take:
WordPress plugins: Making your life easier, and hackers’ lives even easier. If only patching vulnerabilities was as simple as adding a calendar event…
Key Points:
– CVE-2024-5441 vulnerability in the Modern Events Calendar WordPress plugin affects over 150,000 websites.
– The issue allows arbitrary file uploads and remote code execution.
– Discovered by Friderika Baranyai during Wordfence’s Bug Bounty Extravaganza.
– Webnus released a patch (version 7.12.0) to fix the vulnerability.
– Wordfence detected over 100 hacking attempts within 24 hours of the vulnerability disclosure.
Already a member? Log in here