Follow Us on Facebook

Walaw

Technology

Critical WordPress Plugin Vulnerability Raises Security Concerns in Morocco

07:50

Moroccan authorities have issued a warning to WordPress users regarding a significant security vulnerability found in a widely used plugin. The General Directorate of Information Systems Security (DGSSI), under the National Defense Administration, alerted users through its cybersecurity monitoring center.

The flaw, identified as CVE-2025-2636, specifically affects the “InstaWP Connect” plugin in versions prior to 0.1.0.88. This vulnerability allows unauthorized hackers to remotely execute malicious PHP code on compromised websites.

In response, WordPress has released a security patch designed to address this issue. Site administrators are strongly urged to update their plugins immediately through the WordPress dedicated page to safeguard against potential cyberattacks.

This alert comes at a time when Moroccan government websites have been targeted by recurring cyberattacks, predominantly attributed to hacker groups believed to be operating from or associated with Algeria. The persistent threats to the country's critical infrastructure highlight the urgent need for enhanced cybersecurity measures.

Recent disclosures from Kaspersky during GITEX Africa 2025 reveal alarming statistics: Morocco now ranks third in Africa for web-based attacks, with over 12.6 million hacking attempts against Moroccan entities recorded in 2024 alone.

In light of these developments, Bank Al-Maghrib has introduced comprehensive security guidelines aimed at protecting citizens as they navigate an increasingly digital financial landscape. These initiatives underscore the pressing reality that bolstering Morocco’s digital defenses is crucial for national security.

Keywords: