Ad Inserter, a popular Ad management WordPress Plugin was discovered to contain a critical vulnerability. The vulnerability allows an authenticated user as low as a subscriber to execute code on the affected website, Search Engine Journal reported.
WordPress plugin patch time !
"Critical Vulnerability in WordPress Ad Inserter Plugin Let Hackers to Execute Arbitrary PHP Code"
Connected=hacked#cybersecurity https://t.co/v4Zv0Ju7FN— tresronours cybersec (@tresronours) July 16, 2019
Expert Comments:
Eoin Kary, CEO and Co-founder at edgescan:
Continuous assessment of websites and assets is the key to keeping pace with such vulnerabilities. Vulnerabilities won’t fix themselves and won’t stop existing anytime soon.
Deploying a continuous visibility and vulnerability assessment model is the only way to detect and keep track of such issues. It’s surprising how many organisations don’t keep pace with continuous change and flux: without visibility over the potential entry points, there is little that organisations can do to prevent them becoming known when exploited by malicious actors. I’m afraid this is part of life if one wishes to maintain a secure posture.
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
