Expert Reaction On Maximum Severity Vulnerability in WordPress wpDiscuz Plugin

According to researchers, a maximum severity vulnerability in the wpDiscuz plugin installed on over 80,000 WordPress sites can be exploited to give attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site’s server.

Tim Chiu, Vice President of Marketing, K2 Cyber Security
July 30, 2020
This new vulnerability is another good reminder to ensure your plug-ins are up to date.
Another day, another WordPress plug-in vulnerability. Each one is a good reminder that plug-ins can affect your site’s overall security. While there are some workarounds to protect sites, this one can be particularly dangerous, allowing arbitrary code to be uploaded to your WordPress site. This new vulnerability is another good reminder to ensure your plug-ins are up to date and you’re only ....
Tom Chack, Project Manager, gVectors Team
July 30, 2020
We're the wpDiscuz plugin developers
All is fixed! The problem is 100% fixed and wpDiscuz is safe. You can ignore this if you've already updated to version 7.0.5 or higher (current version is 7.0.6). This was fixed and the new version 7.0.5 was released a week ago. There are not any issues with the current wpDiscuz version. It's 100% secure now. These kinds of issues happen with almost all WordPress plugins, so there is no reason to ....
Ameet Naik, Security Evangelist, PerimeterX
July 30, 2020
Data breaches can expose businesses to severe compliance penalties under data protection regulations such as CCPA and GDPR.
WordPress powers over 30% of the web and remains an attractive target for attackers. This latest flaw via the wpDiscuz plugin gave attackers the ability to upload files and achieve remote code execution on site servers. Attackers can use XSS vulnerabilities to gain privileged access to a website and plant malicious JavaScript code that can steal user data, spread malware, or hijack users to nefar ....
