Authentication Bypass Vulnerability in InfiniteWP Client
An authentication bypass vulnerability affecting more than 300,000 InfiniteWP Client plugin users has recently been disclosed to the public. This plugin allows site owners to manage multiple websites from one central server using the InfiniteWP Server.
Due to the nature of this plugin, this is a serious vulnerability that should be patched as soon as possible to mitigate risk. InfiniteWP users can update their plugin with the latest version 1.9.4.5.
Continue reading Authentication Bypass Vulnerability in InfiniteWP Client <= 1.9.4.4 at Sucuri Blog.