On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Forms plugins are used together on a single WordPress installation.
Over the past couple of weeks, we’ve noticed a large influx in the number of malicious requests testing for the presence of the two popular WordPress plugins. Both of these plugins contain separate medium-risk vulnerabilities that, when combined, allow an attacker to remotely execute rogue code on the underlying server.
This is a Security Bloggers Network syndicated blog post authored by Marc-Alexandre Montpas. Read the original post at: Sucuri Blog