Updates have been released for UpdraftPlus, a WordPress plugin with over 3 million installations, after a vulnerability was discovered by Jetpack security researcher Marc Montpas. Montpas said the ...

Security researcher at Automattic discovered a vulnerability affecting popular WordPress backup plugin, UpdraftPlus. The vulnerability allowed hackers to download user names and hashed passwords.

WordPress has taken the rare step of force-updating the UpdraftPlus plugin on all sites to fix a high-severity vulnerability allowing website subscribers to download the latest database backups, which ...

Millions of WordPress sites have received a forced patch over the past few days, Ars Technica has reported. The reason is a vulnerability in UpdraftPlus, a popular plugin that allows users to create ...

A popular backup WordPress plugin with more than three million users has recently patched up a vulnerability that allowed threat actors access to passwords, identity information, and other sensitive ...

脆弱性の情報(CVE)は次のとおり。 CVE-2024-10957- PHPオブジェクトインジェクションの脆弱性。POPチェーンを含む別のプラグインやテーマがインストールされている場合、認証されていない攻撃者は任意ファイルの削除、機密データの窃取、コードの実行などを ...