A plugin for WordPress called “Last Viewed Posts by WPBeginner” has a security issue that allows attackers to insert malicious code through a cookie. This can be done by anyone, without needing to log in. If there are other plugins or themes installed on the website, the attacker could potentially delete files, access private information, or even run their own code.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
