Wordfence Logo

[WordPress Security] Vulnerability in Easy Social Icons Plugin

This morning, the Wordfence Threat Intelligence Team published part two in a series on cross-site scripting vulnerabilities that exploit the PHP_SELF variable. This vulnerability is in the “Easy Social Icons” plugin and affects over 40,000 sites. Attackers can use vulnerabilities of this kind to take over a site by installing a backdoor, or by adding a malicious administrator.

Wordfence LogoYou can find out which versions of the plugin are affected, how to protect yourself against this vulnerability, and all the technical details on the Wordfence Blog here.