Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Flaw in UpdraftPlus Plugin Exposes Millions of WordPress Sites to Unauthenticated PHP Object Injection Exploits
Malware and Vulnerabilities
January 06, 2025
SecurityOnline
Identified as CVE-2024-10957 and assigned a CVSS score of 8.8, the UpdraftPlus Backup & Migration Plugin flaw could allow unauthenticated attackers to exploit PHP Object Injection vulnerabilities under certain conditions.
Read More
CVE-2024-10957
PHP Object Injection
Wordpress Sites
UpdraftPlus Backup & Migration Plugin
Arbitrary Code Execution
Publisher
Previous
NonEuclid RAT Combines Advanced Stealth, Anti-Detection ...
Malware and Vulnerabilities
Next
CryptBot Spread via Websites Promising Cracked Software
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/b247_shutterstock_2203264765.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/5310_shutterstock_1916985977.jpg)
