Security Expert Re: New WordPress RCE Exploit (CVSS Score 10.0 )

Webmasters who use WordPress plugin Adning Advertising are urged to patch against a critical vulnerability that is reportedly being exploited in the wild. Exploitation of the flaw enables an unauthenticated attacker to upload arbitrary files, leading to remote code execution (RCE) and potentially a full site takeover.

Such is the flaw’s seriousness, MITRE has assigned it the highest possible CVSS score – 10.0.


EXPERTS COMMENTS
Jayant Shukla, CTO and Co-Founder,  K2 Cyber Security
July 13, 2020
Some of the largest data breaches, like the Equifax attack, started with an RCE attack.
Remote Code Execution (RCE) remains one of the most dangerous exploits in the cybercriminal arsenal. RCE allows criminals to run what they want on the server they exploit. Some of the largest data breaches, like the Equifax attack, started with an RCE attack. Traditional application security tools like Web Application Firewalls (WAFs) have a tough time with RCE attacks because they typically re ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article