Skip to content Skip to footer

Update miniOrange Plugins Immediately to Prevent Website Hacking

Two popular plugins, Scanner, and Application Firewall, have recently been found to have a vulnerability that could allow an attacker to execute arbitrary code on a website. This vulnerability exists in versions 4.8.1 and below of the Scanner plugin and 5.1.1 and below of the Application Firewall plugin.

The vulnerability arises from a lack of input sanitization in the plugins' file upload functionality. An attacker could this weakness and upload a malicious file to the website. Once the file is uploaded, the attacker could execute it, potentially gaining control of the website and its data.

The of the plugin miniOrange have been made aware of the vulnerability and have released updates to fix the issue. They are urging all users of these plugins to update to the latest versions, Scanner 4.8.2 and Application Firewall 5.1.2, as soon as possible. Additionally, they recommend that users delete the plugins from their websites if they are not actively using them to mitigate the risk of exploitation further.

Suppose you are using either of these plugins on your website. In that case, updating to the latest versions or deleting them immediately is essential to protect your website from potential attacks. You should regularly update all plugins and themes on your website to ensure you use the most secure versions. By taking these steps, you can help ensure your website's security and protect it against potential threats.

Leave a comment

Newsletter Signup
Address

The Grid —
The Matrix Has Me
Big Bear Lake, CA 92315

01010011 01111001 01110011 01110100 01100101 01101101 00100000
01000110 01100001 01101001 01101100 01110101 01110010 01100101

Who, me? Are you kidding? No, I run out to check on T-bill rates, I get outta breath. Hey, look, you guys are gonna make my user, Mr. Henderson, very angry. He's a full-branch manager.Crom

Deitasoft © 2024. All Rights Reserved.