Tag: Comments – wpDiscuz

wpDiscuz Plugin Fixes Critical Arbitrary File Upload Vulnerability

wpDiscuz Plugin Fixes Critical Arbitrary File Upload Vulnerability

Plugins, Security
wpDiscuz version 7 is a revolutionary perspective on the commenting world! This plugin is designed to change your website commenting experience and provides you with new user engagement features. On June 19th, the WordFence Threat Intelligence team discovered a vulnerability present in Comments – wpDiscuz, a WordPress plugin that is installed on over 80,000 sites. This flaw allowed unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable site’s server. This vulnerability was introduced in the plugin’s latest major version update which is considered a critical security issue that could lead to remote code execution on a vulnerable site’s server. If you are running any version from 7.0.0 to 7.0.4 of this plu