Cybersecurity

A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances.

The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024.

Arising due to missing input validation and sanitization, the issue makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server.

WPML is a popular plugin used for building multilingual WordPress sites. It has over one million active installations.

A stealthy Linux malware named 'sedexp' has been evading detection since 2022 by using a persistence technique not yet included in the MITRE ATT&CK framework.

(cross-post from https://programming.dev/post/18621331)

It seems i have the option but i have a vague memory of someone telling me not to bother with it unless i had a good reason

I could really use the extra storage right now but I know it's not best practice to just plug it into my PC. I'm tempted to risk it but I'm wondering if a virtual machine would provide any benefit? Unless I find any cool music I intend to wipe it (assuming it hasn't been already). Is virtualbox still the go to? I understand Linux would be a better option but I've given up trying to get my laptop to boot from a USB stick and the DVD drive seems to only read CDs. Haven't tried writing one but if that does work is there a good small distro I could try just for this purpose? Thank you.