According to WORDFECEthe vulnerability is assigned CVE-2024-10924 identification code with a severity of up to 9.8 according to the CVSS scale (maximum of 10) in the Plugin (Plugin) Really Simple Security in all three free versions and paid from 9.0 to 9.1.1.1. The Really Simple Security utility was Really Simple SSL very famous when there were more than 4 million WordPress websites installed and used.
Really Simple Security is a lightweight and easy -to -use security plugin, helping to secure the WordPress website by creating SSL certificates, executing shifts to HTTPS security connection, scanning possible holes, logging in … The paid version is sold at $ 49/year with features such as firewalls, protecting passengers from dangerous factors …
The plugin is famous for WordPress security and is extremely serious security
WORDFECE Description of the CVE-2024-10924 vulnerability allows hackers to exceed the authenticity and occupy account access, including administrators when the “Two-Factor Authentication” feature is activated. The dangerous point in the vulnerability can be exploited on a large scale due to the ability to automate the attack.
WORDFECE The firewall has been deployed from 6.11.2024 for users to pay and will expand for users for free on 6.12.2024. WordPress websites are using the Really Simple Security plugin that needs to be updated to the 9.1.2 version as soon as possible, the storage service providers also need to automatically update the plugin for customers and scan the storage system to detect the vulnerable versions.
plugin,Security gap,Security,Firewall
