Webmasters who use WordPress plugin Adning Advertising are urged to patch against a critical vulnerability that is reportedly being exploited in the wild. Exploitation of the flaw enables an unauthenticated attacker to upload arbitrary files, leading to remote code execution (RCE) and potentially a full site takeover.
Such is the flaw’s seriousness, MITRE has assigned it the highest possible CVSS score – 10.0.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.