🔒 Wordfence released its 2024 WordPress security report. An Arbitrary File Upload vulnerability was found in the Greenshift plugin (versions 11.4-11.4.5), allowing authenticated users to upload malicious files, posing a remote code execution risk. Discovered by researcher mikemyers, it was quickly reported, prompting prompt patches on April 15 and 17, 2025. Users should update to version 11.4.6. Wordfence protects all users against this exploit.
50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Greenshift WordPress Plugin
