Vulnerability Bulletins

Episode 90: WPBakery Plugin Vulnerability Exposes Over 4 Million Sites


System information

   
Affected software Wordpress

Description

A vulnerability discovered by the Wordfence Threat Intelligence team in the WPBakery plugin exposes over 4 million sites. High severity vulnerabilities were discovered in the Post Grid and Team Showcase plugins. The online avatar service Gravatar, has been exposed to a user enumeration technique, which could be abused to collect data on its users’ profiles, […]

More info:

https://www.wordfence.com/blog/2020/10/episode-90-wpbakery-plugin-vulnerability-exposes-over-4-million-sites/

Standar resources

Property Value
CVE

Version history

Version Comments Date
1.0 Advisory issued 2020-10-14
Ministerio de Defensa
CNI
CCN
CCN-CERT