Business
blog

6 Uncomplicated Ways to Get Studying Fun

  • July 26, 2020
blog

Acestea sunt semne bune că vor oferi mult

  • July 28, 2021
Naira falls N777 against dollar after CBN announcement
Economy

Investment commission pledges FDI support to improve Nigeria’s

  • March 6, 2022
Energy

Nigeria’s gas revolution will lift West Africa’s energy

  • March 6, 2022

Contact Info

Some Populer Post

Cardoso reassures investors of macroeconomic stability, confidence

News
New SEC regulation to enhance transparency in bank recapitalization

SEC warns social media figures over unregistered investment schemes

Business

DHL stops high-value US deliveries due to stricter customs

Business

Japan eyes relaxed car safety regulations amid US trade

Business
  • Home  
  • NITDA warns Nigerian website owners of critical WordPress plugin flaw
- News

NITDA warns Nigerian website owners of critical WordPress plugin flaw

The National Information Technology Development Agency has issued a warning to Nigerian website owners regarding a critical security vulnerability in the Jupiter X Core plugin for WordPress. This was disclosed by NITDA via its official X account. CVE-2025-0366 is a critical security flaw in the Jupiter X Core plugin for WordPress, allowing attackers to take […]

NITDA to develop blockchain "Nigerium" for data Security

The National Information Technology Development Agency has issued a warning to Nigerian website owners regarding a critical security vulnerability in the Jupiter X Core plugin for WordPress.

This was disclosed by NITDA via its official X account.

CVE-2025-0366 is a critical security flaw in the Jupiter X Core plugin for WordPress, allowing attackers to take control of vulnerable websites without authentication. The issue stems from improper file type validation, enabling unauthorized file uploads and remote code execution.

According to the agency, the Computer Emergency Readiness and Response Team Nigeria has classified CVE-2025-0366 as an “unauthenticated privilege escalation vulnerability.”

This means attackers can exploit the flaw to gain administrative access or execute arbitrary code on websites using the Jupiter X Core plugin.

“A critical security flaw has been discovered in the Jupiter X Core plugin for WordPress, affecting websites using this popular theme framework,” the statement said.

The impact of CVE-2025-0366 is severe. If exploited, attackers can gain full control over affected WordPress sites, enabling them to:

Modify or delete website content

Inject malware to infect visitors

Steal sensitive data, including customer information and login credentials

Redirect users to phishing sites.

To prevent exploitation of CVE-2025-0366, CERNT.NG recommends four key steps for website administrators and business owners:

Update the Plugin – Install the latest version of the Jupiter X Core plugin (4.7.8) to patch the vulnerability.

Remove Unused Plugins – Disable and delete outdated or unnecessary plugins to reduce security risks.

Enhance Security Measures – Implement firewalls, malware scanning, and two-factor authentication for added protection.

Conduct Regular Security Audits – Perform routine security checks to detect and address potential threats.

Many Nigerian businesses depend on WordPress-powered websites for e-commerce, customer engagement, and online transactions.

A security breach could disrupt operations, compromise sensitive data, and erode customer trust. Updating plugins and strengthening cybersecurity measures is crucial to safeguarding these platforms.

“This poses a significant risk to website owners, especially those handling sensitive user data,” they said.

Tagged: