Wordfence this week disclosed a critical remote code execution vulnerability found in the EWWW Image Optimizer plugin to the plugin’s author Shane Bishop.

Bishop yesterday released a fix for the vulnerability, which can be found on WordPress.org. Users running the EWWW Image Optimizer plugin should update to version 2.8.5 immediately as this is a critical security update.

According to Wordfence, the vulnerability, which was discovered by Wordfence Senior Developer Sean Murphy, allows hackers to exploit multisite installations to gain total control of a site.

“The vulnerability can be exploited in a number of ways including creating a backdoor or taking a site down altogether,” Wordfence said.

EWWW Image Optimizer is one of the most popular image optimization plugins for WordPress with more than 300,000 downloads in the WordPress plugin directory. Again, users who are running this plugin should update to version 2.8.5 as soon as possible.

Marie Dodson

Marie is the editor at Torque. She enjoys reading good books, drinking good wine, and traveling to fun places.

The post EWWW Image Optimizer 2.8.5 Patches Critical Security Vulnerability appeared first on Torque.

Share This

We are using cookies on our website

Please confirm, if you accept our tracking cookies. You can also decline the tracking, so you can continue to visit our website without any data sent to third party services.