NITDA Warns Nigerian Website Owners of WordPress Security Flaw
The National Information Technology Development Agency (NITDA) has issued a stern warning to Nigerian website owners regarding a severe security flaw in the Jupiter X Core WordPress plugin.
The vulnerability, identified as CVE-2025-0366, poses a significant risk, potentially allowing attackers to gain administrative access to affected websites.
According to NITDA, the flaw enables unauthenticated users to execute arbitrary code, manipulate website content, inject malware, steal sensitive information, or even redirect visitors to fraudulent phishing sites. Given the widespread use of WordPress for business, government, and personal websites in Nigeria, this vulnerability could have far-reaching consequences if left unpatched.
BEWARE: Critical Security Flaw in Jupiter X Core Plugin for WordPress⚠️
A vulnerability has been discovered that affects websites using the Jupiter X Core plugin. This flaw allows unauthorized file uploads and account takeovers.#CyberSecurityAlert pic.twitter.com/mYK8nHAlpT
— NITDA Nigeria (@NITDANigeria) March 5, 2025
The agency has urged website owners to take immediate action by updating the Jupiter X Core plugin to the latest available version (4.8.8), which contains necessary security patches. Additionally, website administrators are advised to remove outdated or unnecessary plugins, monitor their websites for suspicious activity, and enforce stronger authentication measures, such as two-factor authentication (2FA) and the use of robust passwords.
Also Read: NITDA Warns of New ‘Grandoreiro’ Banking Malware Threat
Cybersecurity experts have echoed NITDA’s concerns, warning that failure to address the issue promptly could expose website owners to potential financial losses, reputational damage, and legal liabilities. They also stress the importance of regularly updating all website components, conducting security audits, and backing up website data as preventive measures.
With cyber threats on the rise, NITDA continues to emphasise the importance of proactive security measures and vigilance among Nigerian website owners. The agency encourages those affected to seek professional assistance if necessary and to remain alert to further security advisories.
For further updates, website owners are encouraged to visit the official NITDA website or follow the agency’s cybersecurity alerts.
Comments are closed.