Millions of websites using WordPress all over the world have begun to receive one security patch related to popular software. This patch is required for cclose a dangerous security flaw related to UpdraftPlus plugin. The patch is mandatory as the emerging bug could be exploited, very easily, to cause damage to the website that uses WordPress. Here are the details:
WordPress updates with a major security patch
The security flaw that required the WordPress patch was identified by Marc Montpas, a researcher specializing in this type of operation who reported the bug on Tuesday. The fix was almost immediate and within a few days millions of websites registered the security update. The release of the patch took place on the server side, therefore without the need for users to intervene. The vulnerability that emerged was defined as very serious and, also for this reason, the fix was released as quickly as possible.
What was the fault of
The problem that emerged was related to UpdraftPlus. It is a WordPress plugin that allows users to create and restore backups of entire websites. Due to the bug, anyone, even without administrator privileges, could perform the operations allowed by the bug, potentially jeopardizing the security of a website.