Top WordPress plugins found to have some serious security flaws, so make sure you’re protected
Posted by:
James Thompson
Two premium WordPress plugins, WPLMS and VibeBP, were discovered to have serious security vulnerabilities that could potentially allow attackers to take control of websites and steal sensitive information. The vulnerabilities, found by cybersecurity platform Patchstack, have now been patched, and users are advised to update their plugins to the latest versions immediately. WPLMS, a popular Learning Management System (LMS) plugin, and VibeBP, which integrates social learning features with BuddyPress, were affected by these vulnerabilities. Patchstack identified 18 security flaws, with one bug even reaching a severity score of 10/10 due to its potential for remote code execution. Site owners are urged to prioritize security measures such as secure file uploads, SQL query sanitation, and role-based access controls to protect their websites. More information can be found on the BleepingComputer website.
Recent Posts1
