WordPress UpdraftPlus Plugin Vulnerability Impacts Millions of Websites (CVE-2024-10957)

WordPress UpdraftPlus plugin is vulnerable to a high-severity PHP object injection vulnerability. Tracked as CVE-2024-10957, the vulnerability may allow an unauthenticated attacker to delete arbitrary files, retrieve sensitive data, or execute code. According to WordPress, more than 3 million websites worldwide use the plugin.