Primary

Context

OVRI Payment WordPress Plugin .htaccess File Vulnerability

Vulnerability

A vulnerability exists in the OVRI Payment plugin for WordPress, specifically in version 1.7.0. This issue involves the presence of malicious .htaccess files that contain directives allowing the execution of known harmful PHP files while blocking certain other scripts. If these files are moved outside the plugin's directory, they could disrupt the normal functioning of a WordPress site.

Impact

Exploitation of this vulnerability could lead to interference with the proper functioning of a WordPress site, potentially allowing the execution of malicious PHP files that could be harmful to the site or its users.

Remediation

No known patch is available for this vulnerability. It is recommended to uninstall the affected plugin and find a replacement.

Added: Feb 27, 2026, 10:22 AM

Updated: Feb 27, 2026, 2:43 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

3.1

remediation

0.0

relevance

3.3

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

3.1

exploitability

3.1

remediation

0.0

relevance

3.3

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OVRI Payment WordPress Plugin .htaccess File Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating