A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote code execution (RCE) attacks. The vulnerability, scoring a maximum CVSS 9.8 (Critical) severity rating, originates from improper handling of user-supplied data in the plugin’s donation form processing logic. Exploiting this flaw allows attackers to […]
The post WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks appeared first on Cyber Security News.
This article has been indexed from Cyber Security News