How dangerous is the WPML plugin vulnerability

Post by shaown

The vulnerability was found in all versions of the WPML plugin and was then fixed with version 4.6.13. However, the history told by the blog shows how the plugin producers strangely waited over a month to respond to the communication made by WordFence experts regarding this vulnerability and therefore, from the first communication sent at the end of June, the patch was made available only at the end of August. The important thing, now that an updated and secure version is available, is obviously to do the update.

WPML Plugin Now Safe Again – sos-wp.it
What is a remote code execution or RCE vulnerability?
The vulnerability found within the WPML plugin is, as we said, of the remote code execution type. In fact, it means that a malicious user can run code at will on the network or within the computers of any company.

There are several situations where an attack of this type can occur. In the case of the WPML plugin, the problem was a lack of input validation and an equal lack of sanitization in the plugin's rendering functions.

But remote code execution attacks can also be carried out, for example, by exploiting SQL injection vulnerabilities, another type of vulnerability that we talk about very often, or simply by exploiting the functioning of some sites that allow the user to upload files.

Once the attack is launched, criminals can then decline it in various ways: with access to what is on the network that manages the targeted sites, it is possible, for example, to steal credentials and private data or install malware that then steals data or compromises the security of users and databases.

Finally, there is also the possibility that the data is simply destroyed and therefore with a remote code execution attack, in theory, a criminal could even be able to delete an entire WordPress site. This explains why the vulnerability has been classified with a danger of 9.9 out of 10.