Source: Wordfence
A security vulnerability has reportedly been discovered in the Perfmatters WordPress plugin, according to a blog post from Wordfence. The post suggests the issue could affect approximately 200,000 WordPress sites, though the full details of the article were not accessible at the time of writing.
According to Wordfence, the vulnerability is described as an "arbitrary file deletion" flaw. This type of issue generally allows an attacker to delete files on a website's server, which can cause serious disruption or damage to a site.
Beyond that, the specific details remain unclear. The Wordfence article was not fully retrievable, so information such as which versions of the plugin are affected, whether a fix is available and who discovered the issue could not be confirmed at this time.
If you use the Perfmatters plugin on your WordPress site, it is worth keeping a close eye on updates from the plugin developer and from Wordfence directly.
WordPress plugins are one of the most common entry points for attackers targeting small business websites. A plugin used by a large number of sites is a particularly attractive target, because a single vulnerability can be exploited across many websites at once.
You do not need to be a technical expert to take basic precautions. Keeping your plugins updated, removing plugins you no longer use and checking security news regularly are straightforward steps that can make a real difference.
For a practical overview of what to check, see our security checklist for small businesses and our guide on vulnerable WordPress plugins.
If Perfmatters is installed on your WordPress site, check for any available updates and apply them as soon as possible. It is also worth reviewing which plugins you have installed and removing any that are inactive or no longer needed. Staying on top of plugin updates is one of the simplest and most effective ways to protect your website and the customer data it holds.
Scan gratuit couvrant le RGPD, le droit d'auteur, l'accessibilité, la sécurité et plus encore.
Scanner votre site gratuitementA Wordfence blog post about a vulnerability in the MW WP Form WordPress plugin affecting 200,000 sites could not be loaded due to JavaScript being disabled.
A Wordfence blog post references an authentication bypass vulnerability affecting WordPress sites using the Tutor LMS Pro plugin, but the full article content is inaccessible due to JavaScript being…
A Wordfence blog post references an arbitrary file read vulnerability in the Smart Slider 3 WordPress plugin affecting 800,000 sites, but the full article text is not accessible due to JavaScript…