|Affected plugin||All In One WP Security & Firewall|
|Active installs||1+ million|
|Vulnerable version||<= 5.0.7|
|Fully patched version||5.1.9|
|Recommended remediation||Upgrade to version 5.1.9 or higher and explicitly enable 2FA secret encryption in the plugin settings.|
This vulnerability is the exact same one as in the Two-Factor-Authentication plugin by Updraft. All in One WP Security & Firewall contains a copy of the plugin.
Leave a Reply