728x90 AdSpace

Latest News

Friday, 22 May 2015

Your website is based on WordPress? You should read this right now.

WordPress is by far the most popular content management system (CMS), and almost a quarter of the entire web. It is therefore not surprising to learn that he is under constant surveillance against hackers eager to exploit its growing popularity.

WordPress XSS Vulnerability
The SaaS provider (Security as a Service) Zscaler said that a number of WordPress-based websites have been compromised after users have logged on to their site from a home page containing malicious code . Once the captured data, they were then sent in encrypted format to hacker.

To keep your WordPress site frequently updated, it usually comes down to an issue to allow the CMS to automatically update to the latest version, which is currently the 4.2.2.

The latter also addresses a flaw that affected the package Genericons WordPress, a cross-site scripting vulnerability (abbreviated XSS) using the DOM. What makes this very critical flaw is that it potentially affects millions of websites worldwide.

According to David Dede, part of the Sucuri team that found the flaw, "the main problem here is that the Genericons package, which can be used by a plugin or theme, is potentially vulnerable if it includes example.html file".

WordPress 4.2.2 fixes this flaw and another DOM-XSS vulnerability, and more than a dozen other minor bugs.
  • Blogger Comments
  • Facebook Comments

0 comments:

Post a Comment

Item Reviewed: Your website is based on WordPress? You should read this right now. Description: Rating: 5 Reviewed By: Unknown
Scroll to Top