Security Links
The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 1.8.4. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Zscaler Blog

Get the latest news and views from the leading voices in cloud security and secure digital transformation. Subscribe to the Zscaler blog and stay in the know

Visit Website