To the point:
- Automattic found a flaw in WP Super Cache.
- Over 2 million sites get affected by this Vulnerability.
- The WP-Super-Cache plugin is typically used to boost the speed of a WordPress site.
- Patch Released, All site owners should upgrade to the newest version of WP Super cache.
The WP super cache vulnerability has recently been discovered, which is a new matter of concern. It’s a low-severity flaw that allows an attackers to upload and execute malicious code to take control of the website.
It makes WP Super Cache users exposed to remote code execution (RCE) vulnerability.
An exploit that allows an attacker to take advantage of this bug to upload and run malicious code is known as remote code execution.
According to Wordfence.com, RCE occurs when an attacker gains access to upload code to your website. A bug in a PHP application or script can accept user input and process it as PHP code. This allows an attacker to instruct the website to generate a new file containing code that grants the attacker complete access to the website.
However, Automattic, has updated the plugin. Publishers who use the plugin are encouraged to update to the most recent version, 1.7.2.