A zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has disclosed.
“This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information,” it said.
BackupBuddy allows users to back up their entire WordPress installation from within the
This article has been indexed from The Hacker News
Read the original article: