The plugin ‘Download Plugins and Themes from Dashboard’ (https://wordpress.org/plugins/download-plugins-dashboard/) , a plugin that lets you download installed plugins and themes ZIP files directly from your admin dashboard without using FTP with 10,000+ installs has been identified to have multiple security flaws in version less than 1.6.
Our recommendation is to immediately update to version 1.6
Users of FullWorks Security will have been automatically notified of this vulnerability during their code scan.
If you are not a user of Fullworks Security you can sign up for a free 30 day trial
Or you can sign up to our free newsletter below.
Leave a Reply