Security Links
The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Zendata News

Discover an exclusive series authored by Zendata’s experts, featuring technical deep dives, the latest threat trends, articles on penetration testing, operational technology (OT), incident response (IR), managed detection and response (MDR), and more.

Visit Website