The plugin Rich Reviews (https://en-gb.wordpress.org/plugins/rich-reviews/) has been closed on the WordPress repository since March 2019 for security issues. However security researchers at WordFence ( https://www.wordfence.com/blog/2019/09/rich-reviews-plugin-vulnerability-exploited-in-the-wild/) have reported that this vulnerability is being exploited in the wild.
Recommendation
Our recommendation is to immediately remove the Rich Reviews plugin and find an alternative.
Users of FullWorks Security will have been automatically notified of this vulnerability during their code scan and would have been notified since March that the plugin had be removed from WordPress.org
If you are not a user of Fullworks Security you can sign up for a free 30 day trial
Or you can sign up to our free newsletter below.
Leave a Reply