Code Snippets Vulnerability

Yesterday, 30th January it was announced that a Code Snippets Vulnerability had been discovered.

The Code Snippets is a popular WordPress plugin that allows users to execute code without adding custom snippets to their theme’s functions.php file.

What is the Code Snippets Vulnerability?

It has been found that a high severity cross-site request forgery (CSRF) bug, tracked as CVE-2020-8417, in Code Snippets plugin could be exploited by attackers to take over WordPress sites running vulnerable versions of the Code Snippets plugin.

How to resolve the Code Snippets Vulnerability?

This is very simple, navigate to your plugin section in your WordPress Admin panel and update the plugin to the newest version – 2.14.0.