A popular plugin for WordPress called Just Post Preview Widget has a security flaw in its older versions, up to 1.1.1. This means that hackers who have contributor-level access or higher can upload and run any type of file on the server, including PHP files. This can be used to get around security measures, steal important information, or even run malicious code.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
