We disclosed a critical remote code execution vulnerability in the EWWW Image Optimizer plugin to the author yesterday morning. He responded very quickly and published a fix this morning. The plugin is very popular with over 300,000 active installs, according to wordpress.org.

Wordfence Senior Developer Sean Murphy discovered the Remote Command Execution vulnerability which an attacker can exploit on multisite WordPress installations to gain complete control of a WordPress site. Sean is the same researcher who discovered the critical security hole in Freshdesk that affected thousands of Freshdesk corporate customers, which we announced last month.

The vulnerability can be exploited in a number of ways including creating a backdoor or taking a site down altogether. To learn more about what hackers do with compromised websites, check out our blog post from April.

Severity: 9.6 (Critical)

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

What to do

If you are running the Premium version of Wordfence and have the firewall enabled you are already protected. We added a firewall rule that protects against this vulnerability yesterday morning.

Free Wordfence users running the vulnerable version of the EWWW plugin should update to version 2.8.5 immediately. 
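For administrators who manage many sites, a quick way to find installs still on a vulnerable build is to read the version out of the plugin's header block rather than trusting the dashboard. The Python below is an added example (not Wordfence's or the plugin's own code): it parses the standard WordPress plugin header (`Version:` line in the main PHP file's leading comment), compares it against the 2.8.5 fix version named in this post, and reports whether an update is needed. The header text and the plugin directory path are constructed assumptions for the example; the main file name of the real plugin is not given on this page, so `check_plugin_dir` is written to look for any top-level `.php` file carrying a `Plugin Name:` header.

```python
import os
import re

FIXED_VERSION = "2.8.5"  # first non-vulnerable version per the advisory

# Constructed sample of a WordPress plugin header block; values are made up.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: EWWW Image Optimizer
 * Description: Example header used for this check.
 * Version: 2.8.0
 */
"""

HEADER_RE = re.compile(r"^[ \t/*#]*Version:[ \t]*([0-9][0-9A-Za-z.\-]*)[ \t]*$", re.MULTILINE)


def plugin_version(header_text):
    """Return the Version: value from a plugin header, or None if absent."""
    m = HEADER_RE.search(header_text)
    return m.group(1) if m else None


def version_tuple(version):
    """Turn '2.8.5' (or '2.8.5-beta') into a comparable tuple of ints."""
    parts = []
    for piece in version.split("."):
        digits = re.match(r"[0-9]+", piece)
        parts.append(int(digits.group(0)) if digits else 0)
    return tuple(parts)


def is_vulnerable(installed, fixed=FIXED_VERSION):
    """True when the installed version is older than the fixed version."""
    return version_tuple(installed) < version_tuple(fixed)


def check_plugin_dir(plugin_dir):
    """Scan a plugin directory for its header and report (version, vulnerable).

    Only the first 8 KiB of each .php file is read, which is also how WordPress
    itself reads plugin headers. Returns (None, None) if no header is found.
    """
    for name in sorted(os.listdir(plugin_dir)):
        if not name.endswith(".php"):
            continue
        with open(os.path.join(plugin_dir, name), "r", errors="replace") as fh:
            head = fh.read(8192)
        if "Plugin Name:" not in head:
            continue
        ver = plugin_version(head)
        if ver is None:
            continue
        return ver, is_vulnerable(ver)
    return None, None


if __name__ == "__main__":
    ver = plugin_version(SAMPLE_HEADER)
    print("sample header version:", ver, "vulnerable:", is_vulnerable(ver))
    # Assumed path; adjust to the real wp-content/plugins/<plugin-slug> directory.
    plugin_dir = "/var/www/html/wp-content/plugins/ewww-image-optimizer"
    if os.path.isdir(plugin_dir):
        print(plugin_dir, "->", check_plugin_dir(plugin_dir))
```

Tuple comparison is used deliberately: a plain string comparison would rank "2.8.10" below "2.8.5" and report a patched site as vulnerable.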

The post Vulnerability in EWWW Image Optimizer 2.8.0. Severity 9.6 (Critical) appeared first on Wordfence.
