Critical WordPress Plugin Vulnerability Exposes 10K+ Sites to Cyber Attack
Posted: Sun May 18, 2025 3:16 pm
A severe privilege escalation vulnerability has been discovered in the popular WordPress plugin Eventin, putting more than 10,000 websites at risk of complete compromise.
The vulnerability, now tracked as CVE-2025-47539, allows unauthenticated attackers to create administrator accounts without any user interaction, giving them full control over affected websites.
https://cybersecuritynews.com/critical- ... erability/
The vulnerability, now tracked as CVE-2025-47539, allows unauthenticated attackers to create administrator accounts without any user interaction, giving them full control over affected websites.
https://cybersecuritynews.com/critical- ... erability/