Mastodon Feed
Boosted by soatok@furry.engineer ("Soatok Dreamseeker"):
geeknik@infosec.exchange wrote:
800,000 WordPress sites. One “subscriber” and a plugin bug = arbitrary file read.
The real lesson: most breaches don’t need genius, just one forgotten permission boundary.
https://www.wordfence.com/blog/2026/03/800000-wordpress-sites-affected-by-arbitrary-file-read-vulnerability-in-smart-slider-3-wordpress-plugin/