AMP for WP, a popular WordPress plugin with more than 100,000 downloads, has come into the limelight for all the wrong reasons.
The plugin’s vulnerability was highlighted last week on the WebARX blog, which published proof-of-concept code showing how to exploit it. Attackers wasted no time and started exploiting it, after which the plugin was removed from the official WordPress repository.
A similar vulnerability was discovered in the WP GDPR Compliance plugin. It allowed attackers to use the plugin’s code to make changes on the website.
The vulnerability in the AMP for WP plugin was originally discovered by Sybre Waaijer, a Dutch security researcher, who reported it to the developers back in October of this year.
AMP for WP is now back, as the developers worked on a patch that fixes the vulnerability. If you are one of the thousands of users of this plugin, it is highly recommended that you download the patch right away.
The post AMP for WP Released Patch For a Massive Security Flaw appeared first on WPblog.