- 17:00Israel vows to strike Iran again if threatened, defense minister warns
- 16:20Morocco sees record 8.9 million tourists in first half of 2025
- 15:50Morocco aims to secure five-month wheat stock amid price drop
- 15:20Macron and Starmer to sign historic nuclear deterrence pact
- 14:50Chemsedine Talbi completes Sunderland move after stellar Club Brugge season
- 14:20Police in Marrakech detain Algerian-French suspect wanted by Interpol
- 13:30EU unveils stockpiling plan to prepare for crises and conflict
- 12:50Spain eases lockdowns as firefighters stabilize Catalonia forest blaze
- 12:20Spaniards favor China over the US in shifting global perceptions
Follow us on Facebook
Critical WordPress Plugin Vulnerability Raises Security Concerns in Morocco
Moroccan authorities have issued a warning to WordPress users regarding a significant security vulnerability found in a widely used plugin. The General Directorate of Information Systems Security (DGSSI), under the National Defense Administration, alerted users through its cybersecurity monitoring center.
The flaw, identified as CVE-2025-2636, specifically affects the “InstaWP Connect” plugin in versions prior to 0.1.0.88. This vulnerability allows unauthorized hackers to remotely execute malicious PHP code on compromised websites.
In response, WordPress has released a security patch designed to address this issue. Site administrators are strongly urged to update their plugins immediately through the WordPress dedicated page to safeguard against potential cyberattacks.
This alert comes at a time when Moroccan government websites have been targeted by recurring cyberattacks, predominantly attributed to hacker groups believed to be operating from or associated with Algeria. The persistent threats to the country's critical infrastructure highlight the urgent need for enhanced cybersecurity measures.
Recent disclosures from Kaspersky during GITEX Africa 2025 reveal alarming statistics: Morocco now ranks third in Africa for web-based attacks, with over 12.6 million hacking attempts against Moroccan entities recorded in 2024 alone.
In light of these developments, Bank Al-Maghrib has introduced comprehensive security guidelines aimed at protecting citizens as they navigate an increasingly digital financial landscape. These initiatives underscore the pressing reality that bolstering Morocco’s digital defenses is crucial for national security.