Facebook for WordPress is a plugin designed to create a seamless integration between the conversion measurement tool Facebook Pixel and a WordPress site. Once installed, the plugin monitors site traffic and records data when users access pages and perform certain actions on a site.
The first flaw discovered by Wordfence could be used by unauthenticated attackers with access to a site’s secret salts and keys to achieve remote code execution through a deserialization weakness. The company responsibly disclosed the vulnerability to Facebook at the end of last year and it has now been patched.
Facebook for WordPress
The second flaw discovered in Facebook for WordPress by Wordfence’s Threat Intelligence team was introduced when the…