Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Critical WordPress Plugin Vulnerability Exposes Over 40,000 Websites to Code Execution Attacks
Malware and Vulnerabilities
March 21, 2025
SecurityOnline
This security flaw allows unauthenticated attackers to include and execute arbitrary PHP files on the server. The risk associated with this vulnerability is particularly severe, as it could lead to full server compromise.
Read More
WordPress
Wordpress Sites
CVE-2025-2505
Remote Code Execution (RCE)
Local File Inclusion (LFI)
Publisher
Previous
HellCat Hacker Group Targets Jira Servers Worldwide Usi ...
Threat Actors
Next
RansomHub Ransomware Uses New Betruger ‘Multi-Function’ ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/82e3_shutterstock_2484451477.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/439c_shutterstock_1873437166.jpg)
