Vulnerability in wpCentral Plugin Leads to Privilege Escalation

On February 13th, Wordfence Threat Intelligence team discovered a vulnerability in wpCentral, a WordPress plugin installed on over 60,000 sites. The flaw allowed anybody to escalate their privileges to those of an administrator, including subscriber-level users. The vulnerability also allowed for remote control of the site via the wpCentral administrative dashboard. This was reported as [...]