Login
From:
WPScan
(Uncensored)
subscribe
Unauthorized Plugin Installation/Activation in Hunk Companion | WPScan
https://wpscan.com/blog/unauthorized-plugin-installation-activation-in-hunk-companion/
links
backlinks
Roast topics
Find topics
Find it!
This report highlights a vulnerability in the Hunk Companion plugin < 1.9.0 that allows unauthenticated POST requests to install and activate plugins directly from the WordPress.org repository. …