Your review has been sent successfully

InfiniteWP Client Plugin (WordPress) Update

3139
Classification
These posts contain security alerts, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Most Viewed Warnings

Dell EMC Alert

● Critical

F5 Alert

● High

IBM Alert

● Critical

Fortinet Alert

● High

Red Hat Alert

● High

حملات تصيدية تستهدف مايكروسوفت تيمز (Microsoft Teams)

● High

Warning Date

Severity Level

Warning Number

Target Sector

22 January, 2020

● Critical

2020-827

All

Description:

Wordfence has released security update to address a vulnerability in the following plugin:

  • InfiniteWP Client plugin versions 1.9.4.4 or earlier

Threats:

Attacker could exploit this vulnerability to bypass authentication, which could allow an attacker to use the authentication logic in the InfiniteWP Client plugin to authenticate and access the WordPress installation.

Best practice and Recommendations:

The CERT team encourages users to update InfiniteWP Client plugin to version 1.9.4.5 and Wordfence to version 7.4.3 and to review Wordfence security advisory:

https://www.wordfence.com/blog/2020/01/critical-authentication-bypass-vulnerability-in-infinitewp-client-plugin/

Last updated at 22 January, 2020

Rate the content

rate-icon
up icon