CVE-2024-10938

Name of the Vulnerable Software and Affected Versions OVRI Payment plugin for WordPress version 1.7.0

Description The software includes malicious .htaccess files in version 1.7.0. These files contain directives designed to prevent the execution of specific scripts while permitting the execution of known malicious PHP files. If these files are moved from the plugin’s directory, they could disrupt the normal operation of a website. The .htaccess files are used to control access to specific files and directories on the web server.

Recommendations Update to a newer version that contains a fix for this vulnerability.