Visitor Logic Lite Plugin Vulnerability

The Visitor Logic Lite plugin for WordPress is a popular add-on used to enhance the functionality of WordPress websites. This vulnerability allows attackers to inject malicious PHP code into the website, potentially leading to unauthorized access, data theft, or system compromise.

You're affected if you use Visitor Logic Lite. Specific version info not stated in the advisory.

1. Upgrade: Update Visitor Logic Lite to version 1.0.4 or later from the WordPress Plugin Directory (https://wordpress.org/plugins/visitor-logic-lite/).
2. Immediate Mitigation: Immediately restrict network access to your website's PHP files and logs (e.g., by configuring your web server to deny access to these directories).

• plugins.trac.wordpress.org
• plugins.trac.wordpress.org
• www.wordfence.com