Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Critical SSTI Flaw in WPML Plugin Exposes Millions of WordPress Sites to RCE Attacks
Malware and Vulnerabilities
August 27, 2024
Security Online
This vulnerability allows authorized users to inject and execute malicious code through the plugin's shortcode feature, potentially leading to data theft and website takeover.
Read More
Wordpress Sites
CVE-2024-6386
WPML plugin
Remote Code Execution (RCE)
Site Takeover Attack
Publisher
Previous
Tech Support Scam Found Hijacking Microsoft Search Quer ...
Identity Theft, Fraud, Scams
Next
Centreon Issues Critical Security Update to Fix SQL Inj ...
Malware and Vulnerabilities