CVE-2016-10960 (wsecure)

The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter.

View Full Alert