WordPress vulnerability makes it easy to hijack millions of websites The WordPress content management system is vulnerable to two newly discovered threats. Both vulnerabilities are known as stored, or persistent, cross-site scripting (XSS) bugs. The bugs allow an attacker to inject code into the HTML content received by administrators. The attackers can embed malicious code… Read more »
Late yesterday afternoon (24/11/14), Reconnix became aware of a vulnerability within WordPress. The problem is with a cross-site scripting vulnerability that affects versions 3.9.2 and earlier. This particular vulnerability could allow an attacker to enter code on to the comments section of a blog post, enabling them to take control of the administrator’s account. So, as with… Read more »
Heartbleed: What happens when people don’t work properly.