Automatically translated.View original post

A vulnerability was found on Wordpress' Modular DS plug-in.

A vulnerability was found on Wordpress' Modular DS plug-in, conducive to hackers seizing the site.

WordPress may be a tool for building websites that are popular with a lot of support tools, but at the same time, it also has a lot of security weaknesses.

According to a report by The Hacker News website, a vulnerability has been detected on Wordpress's plug-in called Modular DS, a plug-in that helps manage things on Wordpress to make it easier. This plug-in has more than 40 thousand downloads at the present time, so it is considered a fairly popular plug-in. For such a vulnerability, it is coded CVE-2026-23550 with the highest level of seriousness because it has received a CVSS rating, which measures the seriousness of a security vulnerability of up to 10.0. This vulnerability opens a channel for the aggressor. The right to access the system can be upgraded without the permission of the real administrator. This vulnerability covers users of the plug-in in all versions, including version 2.5.1.

This vulnerability occurs in a routing mechanism or Routing Mechanics that normally provides a vulnerable route in a framework that requires authentication every time under the prefix "/ api / modular-connector," but the problem is that this layer of security can be evaded when the mode of direct request traffic or "Direct Request" is enabled by setting the "Origin" parameter to "Mo" and the "Type" parameter to any value, such as "origin = mo & type = xxx." Setting a parameter like this makes the routing mechanism understand that the request came directly from the Modular DS plugin.

This allows hackers who access websites that use Modular DS to access sensitive routes such as / login /, / server-information /, / manager /, and / backup /. This will result in hackers being able to easily steal data or use stolen data to gain control of websites. This vulnerability has been detected in the past 13 January, with the victim site receiving an HTTP GET request from the IP number 45.11.89 [.] 19 and 185.196.0. [.] 11 Endpoints "/ api / modular-connector / login /" followed by an attempt to create an Admin account (Admin or Administrator) clearly illustrates the danger of this security vulnerability.

The source has warned those who use the plug-in to update the plug-in to the latest version immediately and check if there is a foreign account or administrator on the system. If it is detected, follow these steps.

Instead, create WordPress Salts, which will help to automatically undo various Session applications immediately.

Create a new OAuth code.

Scan the website for unusual files, plug-ins, or codes.

# Trending # Lemon 8 Howtoo # lemon 8 diary # Wordpress # freedomhack

2/7 Edited to

... Read moreจากประสบการณ์การดูแลเว็บไซต์ Wordpress ส่วนตัว การพบช่องโหว่บนปลั๊กอินต่าง ๆ นับเป็นเรื่องที่ผู้ดูแลระบบต้องใส่ใจอย่างมาก เพราะปลั๊กอินเหล่านี้แม้จะช่วยเพิ่มฟังก์ชันทำให้การจัดการเว็บไซต์ง่ายขึ้น แต่ก็เสี่ยงต่อการถูกโจมตีหากไม่ดูแลอย่างเหมาะสม กรณีช่องโหว่ CVE-2026-23550 บนปลั๊กอิน Modular DS ที่กล่าวถึงนี้ ผมขอแชร์วิธีป้องกันเบื้องต้นที่แนะนำให้เจ้าของเว็บไซต์ Wordpress ทำตามอย่างเข้มข้นครับ อย่างแรกเลยคือต้องเช็คว่าปลั๊กอิน Modular DS ที่ใช้เป็นเวอร์ชันล่าสุดหรือยัง เพราะทางผู้พัฒนาได้ออกอัปเดตเพื่อปิดช่องโหว่นี้แล้ว ถ้าไม่อัปเดตก็เหมือนเปิดประตูให้แฮกเกอร์เข้าโจมตีได้ง่าย ทั้งนี้ ต้องรักษาความปลอดภัยเสริมด้วยการตั้งค่า WordPress Salts ใหม่ เพราะจะช่วยรีเซ็ต session ต่าง ๆ ให้ออกจากระบบอัตโนมัติในกรณีที่มีผู้ไม่หวังดีล็อกอินเข้ามา และแนะนำให้ตรวจสอบสิทธิ์การเข้าถึงเว็บไซต์โดยละเอียด เช่น ลองสแกนหาไฟล์หรือรหัสที่แปลกปลอม รวมถึงตรวจสอบบัญชีผู้ดูแลระบบว่าไม่มีรายชื่อแปลกปลอมหรือบัญชีที่ไม่ได้ตั้งใจสร้างขึ้น อีกทั้งควรตั้งค่าพารามิเตอร์ Origin และ Type ในคำขอ API อย่างระมัดระวัง เพื่อป้องกันการเจาะระบบผ่านกลไกการกำหนดเส้นทางที่ถูกเจาะช่องโหว่ "Direct Request" ที่ทำให้แฮกเกอร์สามารถผ่านการยืนยันตัวตนได้ง่าย ๆ สุดท้าย ผมแนะนำให้ผู้ดูแลเว็บไซต์ติดตามข่าวสารด้านความปลอดภัยของ Wordpress และปลั๊กอินอย่างต่อเนื่อง รวมถึงมีแผนสำรองข้อมูล (Backup) ที่พร้อมใช้งาน เพื่อให้พร้อมกู้คืนเว็บไซต์ได้อย่างรวดเร็วเมื่อเกิดเหตุการณ์ฉุกเฉิน จากนี้ การดูแลเว็บไซต์ Wordpress จำเป็นต้องระมัดระวังมากขึ้น โดยเฉพาะกับปลั๊กอินที่ใช้งานซึ่งเป็นจุดอ่อนเสมอ ขอให้ทุกคนที่ใช้ Modular DS หรือปลั๊กอินอื่น ๆ รู้จักตรวจสอบและอัปเดตอย่างสม่ำเสมอนะครับ เพื่อปกป้องเว็บไซต์จากภัยคุกคามทางไซเบอร์ที่เพิ่มขึ้นอย่างต่อเนื่อง

Related posts

The image displays a shower with white marble walls and a shower head. A recessed shelf holds various bottles and a razor. The text overlay reads "HOW TO SHAVE YOUR" with a cat emoji, indicating the topic of the post.
The image shows two pairs of small scissors, one pink and one silver, against a background of water spraying from a shower. The text overlay discusses trimming hair before shaving.
The image features three jars of sugar scrub and two pink exfoliating gloves, set against a shower background. The text explains the importance of exfoliating to prevent ingrown hairs.
HOW TO SHAVE YOUR 🐱
🪒TRIMMING: if needed, always trim the hairs a bit just so there isnt too much hair to get rid of when you’re ready to shave ! 🪒EXFOLIATE: exfoliating helps get dead skin off and prevents ingrown hairs/bumps. i always use sugar scrubs (treehut) but if im not using them, i’ll just use my exfoliat
˚ʚ♡ɞ˚mads ˚ʚ♡ɞ˚

˚ʚ♡ɞ˚mads ˚ʚ♡ɞ˚

14.6K likes

BAT WINGS WORKOUT
The bat wings are really getting up outta here!! These exercises are definitely working. I'm so happy because these are my biggest insecurity! I did 3 sets of 12 and 1 set till failure with a heavier weight. These moves specifically target your bat wings so if you haven't seen much
Kalias Queen

Kalias Queen

1366 likes

A collage of various hygiene products, including body wash, shave gel, sugar scrubs, oral care items, hair care products, body lotions, and deodorants, arranged on a bathroom counter.
A collection of oral hygiene products on a bathroom counter, featuring a blue mouthwash bottle, a purple electric toothbrush, a purple water flosser, a small container of dental floss, and a tube of white toothpaste.
A selection of hair care products displayed on a bathroom counter, including two purple shampoo/conditioner bottles, a white pump bottle of 2-in-1 hair product, a green spray bottle of curl gel, and a white tube of conditioning balm.
Lemme put you onnnn !!!
My current fav hygiene products 🫶🏼 #hygieneproducts #hygieneroutine #embracevulnerability #Lemon8 #lemon8challenge #cleangirlaesthetic #review #reviewlemon8
Leslie 🪴

Leslie 🪴

1396 likes

A person with braided hair shows a visible area of hair thinning or balding at the temple, highlighted by a yellow circle. Text asks for 'Tips for Balding?' and 'HELP!'
Tips for Balding?
Hello Beauties!! I’m asking everyone for their help. I’ve had this bald spot for more than a decade & it never bothered me. When I went to cosmetology school, my instructor told me that I have traction alopecia. If anyone is unaware about traction alopecia, it just means that I had weakened
JenMichelle

JenMichelle

984 likes

STOP saying sorry 🌟
It’s easy to fall into the habit of saying “sorry” too often. Here are some empowering alternatives that help you express yourself more positively and confidently. Which alternative would you use? 🫶🏼 #embracevulnerability #healthylifestyle2024 #Lemon8Diary #empowerment #confidence #co
auty 🌱

auty 🌱

7807 likes

1,000,000 WordPress Sites Affected
1,000,000 WordPress Sites Affected by Arbitrary File Read and SQL Injection Vulnerabilities in Avada Builder WordPress Plugin Two vulnerabilities in the Avada Builder plugin - with an estimated 1,000,000 active installations - allow authenticated attackers with subscriber-level access to read ar
Wordfence

Wordfence

1 like

Wordfence Intelligence Weekly
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 6, 2026 to April 12, 2026) This week, 154 new vulnerabilities were disclosed across 118 plugins and 23 themes, impacting approximately 17.3 million active installations. 138 vulnerabilities have been patched and 16 remain unpatc
Wordfence

Wordfence

1 like

A vibrant blue layered "Blue Scooby Snack Shot" in a glass, topped with whipped cream, colorful sprinkles, and a maraschino cherry. Other similar shots are blurred in the background, with pineapple chunks in the foreground. The title "BLUE SCOOBY SNACK SHOTS" is at the top.
Blue Scooby Snack Shots
Ingredients: 1 oz Coconut Rum 1 oz Blue Curacao 1 oz Pineapple Juice 1 oz Cream of Coconut Whipped Cream Blue Sprinkles Maraschino Cherry Directions: In a shaker, combine the coconut rum, blue curacao, pineapple juice, and cream of coconut. Fill the shaker with ice and shake well until th
Kae

Kae

595 likes

playlist must haves!!!
This summer is all about the vibes. Making sure I have the perfect playlist is one of my main priorities. I have been working on my playlist since January and these songs have made it 10x better. They are perfect for anything: aux, tanning, swimming, etc. These songs will be playing on REPEAT the w
emma snyder

emma snyder

4768 likes

Wordfence Intelligence Weekly
Last week, there were 54 vulnerabilities disclosed in 49 WordPress Plugins and 0 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 36 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in
Wordfence

Wordfence

0 likes

Plum hair >> 🤌
I used ion light plum and ion dark plum, I mixed them together! #embracevulnerability #shareyourthoughts #lemon8challenge #hairdyetutorial #hairdye #purplehair #hairgrowth #haircolor
Shay

Shay

271 likes

A hand holds a stack of US dollar bills, primarily twenty-dollar denominations, and a receipt. Overlayed text reads '3 ACTUAL SIDE HUSTLES' and 'Read Caption'. The image also features sparkling stars, yellow cartoon figures, and the Lemon8 logo with username.
3 ACTUAL SIDE HUSTLES
( LIKE AN SAVE FOR LATER 😮‍💨⤵️ ) Here’s 3 ACTUAL side hustles that I use to make EXTRA income 🙂‍↕️⤵️ Here are three online side hustles that you can start for free: 1. **Blogging:** Start a blog on a topic you're passionate about. You can create content, share your expertise, and mone
Yanaveu Marketing CEO

Yanaveu Marketing CEO

5145 likes

A vibrant pink and yellow gradient background with the title '31 Day SelfLove Challenge' in black text. Four hands of different skin tones are interlocked in the center, above a 'Dear Diary' logo. A yellow 'Swipe' banner is in the top right.
The second slide of the 31-Day Self-Love Challenge, detailing daily activities for Day 1 through Day 10. Tasks include self-appreciation, self-care routines, setting boundaries, writing a letter, trying new hobbies, affirmations, and mindfulness.
The third slide of the 31-Day Self-Love Challenge, outlining activities for Day 11 through Day 20. Tasks include kindness to self, listing proud achievements, spending time in nature, practicing gratitude, creative expression, relaxation, and helping others.
The 31-Day Self-Love Challenge ✨
Embark on a Transformative Journey: The 31-Day Self-Love Challenge Are you ready to prioritize your well-being, boost your self-esteem, and cultivate a deeper sense of self-love? Welcome to the 31-Day Self-Love Challenge – a transformative journey designed to help you embrace and celebrate y
Anxiety Diary

Anxiety Diary

2161 likes

PrtyGrlBeauty 🎀
Reviewing The Body Oils I Got From One Of My Fav Shops>>>>>>> PrtyGrlBeauty 💕💕 I Ordered May4th & My Package Got Delivered today May10th😮‍💨 #embracevulnerability #bodycare #skincare #bodyoil #lotion #SmallBusiness #honestreview #Lemon8 #beautyhaul #lemon8
Girlyyy🩷

Girlyyy🩷

195 likes

A close-up of air-fried pork belly pieces, glistening with sauce and sprinkled with white sesame seeds, served on a bed of fresh green lettuce.
Marinated pork belly slices are neatly arranged in an air fryer basket lined with aluminum foil, ready for cooking.
A six-panel collage illustrating the initial steps of preparing pork belly: slicing, then adding cooking wine, soy sauces, sugar, chili powder, and cumin powder.
Air fryer, delicious barbecue
Air Fryer Delicacy: Grilled Pork Belly Recipe: 1. Slice pork belly into 0.5cm thick pieces. 2. Marinate with: 1 tablespoon cooking wine 1 tablespoon soy sauce 1 tablespoon oyster sauce ½ tablespoon dark soy sauce 1 tablespoon sugar 1 tablespoon chili powder 1 tablespoo
Slim Kitchen

Slim Kitchen

50 likes

Korean hair products !! ୨୧
#koreanhaircare #koreanproducts #Lemon8Diary #beautyfinds #healthylifestyle2024 #fashionfinds #hairstyles #Hair #embracevulnerability #beautyfinds
.yameii !!

.yameii !!

833 likes

-yes, I painted that wood
In November, we moved into this 1959's parsonage. This has been an incredible journey into a home that is actually a home. As pastors, we have lived in various housing for the past 5 years. From an RV to a church sanctuary to a church basement. Two years ago, the Lord directly and clearly prom
Bethany | Revival Momma

Bethany | Revival Momma

1480 likes

A black and white image shows a woman in a black dress exiting a car, holding hands with a man. Text overlays express superficial thoughts about attracting a wealthy man or marrying rich due to academic difficulties, contrasting with the article's theme of intellectual partnership.
What Wealthy Men Are Really Looking For🍸
Before you read my sincere opinion, I would like for the ladies who are not financially where they want to be to believe in their ability to succeed in whatever they wish. And to never think it only happens to the lucky ones or the model-looking women. It happens to smart women. Most women from all
Angelina

Angelina

73 likes

A woman models a cream-colored two-piece outfit featuring a high-neck, puff-sleeve top and flared pants, accessorized with a small dark brown handbag. Text overlays include "Soft Girl" and "Fashion Finds + size available."
A woman is shown from the side, wearing a white short-sleeved jumpsuit or wide-leg pants and top, paired with a white quilted cross-body bag. The image has a "Good VIBES" text overlay.
A woman poses next to a black car, dressed in a black turtleneck top and distressed black wide-leg jeans, completing a modest and stylish look.
FULLY Clothed & Still break NECKS 💓
#embracevulnerability #fashionfinds #lemon8fashionfinds #winterfashion I love this type of fashion very MODEST! While still breaking necks 🥰🥰🥰 These fits are some warming 🥰🥰🥰
Autty🫰🏽

Autty🫰🏽

1293 likes

Instant pot Caribbean Jerk Oxtail
Dry Seasoning Mix: 1 tablespoon allspice 1 tablespoon ground ginger 1 tablespoon dried thyme 1 tablespoon paprika 1 teaspoon white pepper 1 teaspoon black pepper 1 teaspoon nutmeg 1 teaspoon salt 2 tablespoons brown sugar 1 teaspoon garlic powder Wet Marinade: 4 stalks fresh scallio
Chef Neicy🍽️

Chef Neicy🍽️

47 likes

A person relaxes on a beach lounge chair with the book 'You're Not Dying, You're Just Waking Up' by Elizabeth April. Highlighters rest on a striped towel next to the book, with a beach and ocean in the background. Text promotes spiritual books for 'girlys' and Lemon8 bookclub.
An open copy of 'You're Not Dying, You're Just Waking Up' is held on a beach lounge chair. Highlighted text discusses mindset and self-sabotage. A Lemon8 Bookclub ticket shows the book's 5-star rating and notes on spiritual awakening. Overlays emphasize positive mindset.
A person holds 'Healing Through Spirituality' by Travis Hemingway on a lounge chair by a pool. The book cover features a meditating figure. A Lemon8 Bookclub ticket details the book's 5-star rating and notes on healing, growth, and extraterrestrial beings. Green nails are visible.
spiritual book recommendations 🌿
i read these two books over the summer n let me just say… i haven’t been the same since. "You're Not Dying, You're Just Waking Up" by Elizabeth April: ~reading this book was like a reliving my spiritual awakening all over again for me. the book guided me through my journey of s
elle harris

elle harris

256 likes

Critical SQLi Flaw in Flavor Plugin
Critical SQLi Flaw in Flavor Plugin | Wordfence Security News Clip | March 30, 2026 The Ally WordPress plugin, installed on more than 400,000 sites, contains an unauthenticated SQL injection vulnerability that allows threat actors to extract sensitive data - including password hashes - from a si
Wordfence

Wordfence

0 likes

I HATE WHEN PEOPLE CALL ME THIS
I grew up always being called a white girl because I’m a black girl that didn’t talk a certain way because I grew up in a very hispanic neighborhood as I am a part of a hispanic Colombian family, which is something I can’t control . I absolutely hated it, especially when I started taking an interes
Daliany Camacho

Daliany Camacho

4425 likes

COZY outfits 🧸🤎
🧸one of my favorite ways to dress is COZY!! 🧸some super simple but super cute and comfy outfits #cozystyle #cozycomfy #cozyfashion #embracevulnerability #cozy #cozyhome #cozylifestyle #cozyaesthetic #aesthetic #lemon
jenna ౨ৎ

jenna ౨ৎ

1029 likes

Diy Christian Craft 🎨💗
#crafts #DIY #art #asthetic #christian #christiangirl #craft #inspo #craftideas #embracevulnerability
✨Z✨

✨Z✨

430 likes

A purple and pink floral background displays an August Bible study plan titled "Protection." It lists a specific Bible verse for each day of the month, from Proverbs 18:10 on day 1 to I Peter 3:13 on day 31.
A white background with simple floral doodles presents an August Bible study plan on "worship." It lists a Bible verse for each day of the month, with checkboxes next to each entry, from Exodus 3:12 on day 1 to Psalm 95:1-7 on day 31.
A white background with subtle floral elements displays an August Bible study plan titled "Finding Peace Through Pain." It lists a specific Bible verse for each day of the month, from Psalm 42:5 on day 1 to Deuteronomy 31:8 on day 31.
August 🌸✨
I found some Bible study challenges for August🩷🤍🙏🏼 idk which one to choose! Which one will you choose? :)) Keep God close to your heart always.✨ happy August everyone!🫶🏼 let go & let God ❣️ #august #bible ✔️ #embracevulnerability #lemon8bookclub #Lemon8Diary #saveforlater #sha
𝗅𝗂𝗅𝗒

𝗅𝗂𝗅𝗒

12 likes

A cardboard box for a light blue modular play couch is displayed in a store aisle, labeled 'AT HOBBY LOBBY'. The box shows a child on the couch and lists a price of $239.99, discounted to $167.99. Text overlays question if it's a 'KNOCK-OFF NUGGET COUCH?'.
Knock-of Nugget Couch?
How do we feel about this knock off nugget couch at Hobby lobby? Does anyone have it? Is there anything like the namebrand one? I saw this and I was going to get it but I wanted your guys feedback first, if it’s great I’m gonna run back there or grab it! Let me know mamas💗 #hobbylob
Saige | Toddler mom✨🪴❤️

Saige | Toddler mom✨🪴❤️

510 likes

✝️Tips On Building Strong Christian Relationships✝️
✨ Healthy Christian Dating Habits⤵️ ✨ Keep God First: Prioritize your relationship with God above all else. Make sure your dating relationship doesn’t distract you from your spiritual growth and commitment to your faith. ✨ Pray Together: Regularly pray together, seeking God’s guidance and ble
👑EmpressAura👑

👑EmpressAura👑

1153 likes

Exchange OWA Zero-Day Active Exploit
Microsoft Exchange Zero-Day Under Attack | Wordfence Security News Clip | May 18, 2026 Microsoft disclosed an actively exploited cross-site scripting zero-day in Exchange Server OWA on May 14th, tracked as CVE-2026-42897. The flaw affects Exchange Server 2016, 2019, and Subscription Edition. Exc
Wordfence

Wordfence

1 like

El diario de Esmeralda.
Desde lo profundo , me vuelo arte. Un nuevo susurro de alma ha side revelado. A new whisper of the soul has been revealed..🍷💋 blog: https://eldiariodeesmeralda.wordpress.com/ #lemon8dairy #blogging #literatura #embracevulnerability #blog
☆E.V.E☆

☆E.V.E☆

12 likes

See more