When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
Successful attackers can gain remote code execution allowing them to fully compromise vulnerable WordPress websites through PHP code injection.
In the pluginschangelog, version 1.3.8 addresses the bug: Patched reported CVE just upgrade.
The version also adds tested support for WordPress 6.4.2, which was released on December 6.
Nex Team was awarded $2,751 for alerting Wordfence to the vulnerability.
Theblog postreads: Kudos to the BackupBliss team for an incredibly swift response and patch.
