Rabat – Moroccan authorities have warned WordPress user about a critical security error in a popular plugin. The General Directorates of Information Systems Security (DGSSI), which operated under the national defense management, has published the warning on the cyber security surveillance center.
The susceptibility to security has an explicit effect on the plugin “InstoWp Connect” in versions older than 0.1.0.88. Identified as CVE 2025-2636. With this security hole, not authorized hackers can carry out a malicious PHP code on affected websites.
WordPress has already released a security patch to fix the problem. Site administrators are emphatically asked to update their plugins immediately on the WordPress page to protect against potential attacks.
This warning takes place in the middle of recurring cyber attacks on Moroccan government websites, which were mainly carried out by Hacker groups, which are believed to come from Algeria or are connected to algeria.
The country’s critical infrastructure is exposed to continuing threats, while Gitex Africa 2025 paint a worrying picture. Morocco is now the third continent width for web -based attacks. Hackers start over 12.6 million Try Against Moroccan goals in 2024 alone.
Bank al-Magrib has promoted extensive security guidelines to protect citizens who navigate an increasingly digitized financial landscape.
These developments underline an urgent reality: the strengthening of the digital defense mechanisms Morocco has become an essential pillar for national security.
Read too: Bank al-Maghribus issues the Digital Banking Security Guide when growing online services
