Shield Security WP Plugin: Patched Serious Vulnerability Secured

February 11, 2024
1 min read

A serious security vulnerability has been discovered in the Shield Security WP plugin, which could allow arbitrary file inclusion. The flaw has been patched by the developers with the latest plugin release, and users are urged to update to the latest version as soon as possible. The vulnerability specifically affected the plugin’s render_action_template parameter, allowing an unauthenticated attacker to include malicious PHP files on the target server and execute malicious PHP code. The vulnerability received a critical security rating with a CVSS score of 9.8. The issue typically affected PHP files only, ruling out the possibility of remote code execution attacks. The plugin developers have released version 18.5.10 to patch the vulnerability, but users are advised to update to the latest available version.

Latest from Blog

Trust is the secret sauce for cybersecurity success

TLDR: Key Points: Trust between CISOs and top executives is crucial for justifying cybersecurity investments. Five key questions CISOs must ask themselves about their cybersecurity strategy include budget justification, risk reporting, celebrating

Expert opinion on cyber security is a must have

TLDR: Key points from the article: Study shows link between lack of sleep and increased risk of Alzheimer’s disease. Researchers found that poor sleep quality was associated with higher levels of brain