{"id":1845,"date":"2024-08-28T05:28:22","date_gmt":"2024-08-28T05:28:22","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2024\/08\/28\/critical-wpml-plugin-flaw-exposes-wordpress-sites-to-remote-code-execution\/"},"modified":"2024-08-28T05:28:22","modified_gmt":"2024-08-28T05:28:22","slug":"critical-wpml-plugin-flaw-exposes-wordpress-sites-to-remote-code-execution","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2024\/08\/28\/critical-wpml-plugin-flaw-exposes-wordpress-sites-to-remote-code-execution\/","title":{"rendered":"Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution"},"content":{"rendered":"<p>\u200bA critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances.<br \/>\nThe vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024.<br \/>\nArising due to missing input validation and sanitization,\u00a0A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances.<br \/>\nThe vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024.<br \/>\nArising due to missing input validation and sanitization,\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bA critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024. Arising due to missing input validation&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2024\/08\/28\/critical-wpml-plugin-flaw-exposes-wordpress-sites-to-remote-code-execution\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":1846,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/1845"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=1845"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/1845\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/1846"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=1845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=1845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=1845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}