Takeovers likely across over 100K WordPress sites due to critical plugin bug

Such a vulnerability, tracked as CVE-2024-5932, could be leveraged by threat actors to facilitate PHP object injection and subsequent Property Oriented Programming chain abuse involving the manipulation of deserialized objects for remote code execution and arbitrary file deletion, a report from Defiant revealed.

Article Link: Takeovers likely across over 100K WordPress sites due to critical plugin bug | SC Media