writeups.xyz / $4,998 Bounty Awarded and 100,000 WordPress Sites Protected Against Unauthenticated Remote Code Execution Vulnerability Patched in GiveWP WordPress Plugin

Submitter : c2a

Date: 19 August 2024

Bounty : 4,998

Vulnerabilities :

• RCE
• PHP Pop Chain
• PHP Object Injection
• Security Code Review

Programs :

• Wordfence

Authors :

• Villu Orav (@Villu164)

Link :
https://www.wordfence.com/blog/2024/08/4998-bounty-awarded-and-100000-wordpress-sites-protected-against-unauthenticated-remote-code-execution-vulnerability-patched-in-givewp-wordpress-plugin/