A critical vulnerability in WP Ghost, a popular WordPress security plugin with over 200,000 active installations. The high-severity flaw, tracked as CVE-2025-26909 with a CVSS score of 9.6, allows unauthenticated attackers to exploit a Local File Inclusion (LFI) vulnerability that can lead to Remote Code Execution (RCE). Website administrators are strongly advised to update immediately […]
The post WordPress Plugin Vulnerability Exposes 200k+ Sites to Code Execution Attacks appeared first on Cyber Security News.
This article has been indexed from Cyber Security News