WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins The Hacker [email protected] (The Hacker News)

December 12, 2024

Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks.
The flaw, tracked as CVE-2024-11972 (CVSS score: 9.8), affects all versions of the plugin prior to 1.9.0. The plugin has over 10,000 active installations.
“This flaw poses a significant security risk, as it Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks.
The flaw, tracked as CVE-2024-11972 (CVSS score: 9.8), affects all versions of the plugin prior to 1.9.0. The plugin has over 10,000 active installations.
“This flaw poses a significant security risk, as it 

Read More

Share

In The News  / Uncategorized



Leave A Reply


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.