Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
17 November 2024
A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could grant an attacker to remotely gain full administrative access to a susceptible site.
The vulnerability, tracked as CVE-2024-10924 (CVSS score: 9.8), impacts both free and premium versions of the plugin. The