WordPress Simple Social Buttons Plugin Vulnerability

A security researcher has identified a vulnerability in the Simple Social Buttons plugin that is commonly used by WordPress site owners.

Threat ID:: CC-2928
Category:: Backdoor
Threat Severity:: Low
Threat Vector:: Vulnerability
Published:: 14 February 2019 12:00 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

A security researcher has identified a vulnerability in the Simple Social Buttons plugin that is commonly used by WordPress site owners.

Threat details

A remote attacker can exploit this vulnerability by creating new accounts on a site and making modifications to its main settings. This can allow an attacker to install backdoors on affected sites and take control of administration accounts.

Remediation steps

Type	Step
	WPBrigade have released a patch to address this vulnerability. Users and administrators are encouraged to review the Simple Social Buttons download page and apply the necessary update.

Last edited: 14 February 2020 2:44 pm