On April 14th, 2025, we received a submission for an Arbitrary File Upload vulnerability in Greenshift, a WordPress plugin with more than 50,000 active installations. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to upload arbitrary files to a vulnerable site and achieve remote code execution, which is typically leveraged for a complete site takeover.
The post 50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Greenshift WordPress Plugin appeared first on Wordfence.
This article has been indexed from Blog – Wordfence