If you've Got a Wordpress Website, Pay Attention: a Recently Discovered Vulnerability within the Blogging Platform, Leaves your Website Open to Attack, according to the Security Firm, Sucuri. So Far, it Affects the TwentyFifteen Theme (Installed by Default) and the JetPack Plugin, which has Over a Million Installations. At Issue is the "Genericons" Wordpress Package, Something that, Both of those Wordpress Add-Ons Use, which Comes with an Insecure File that Leaves Websites Open to a Cross-Site Scripting Vulnerability. If a Hacker Can Trick you into Clicking a Malicious Link, they Can Get Full Control of your Wordpress Website. Thankfully, the Fix is Pretty Simple: Just Remove the "example.html" File from any Instance of Genericons in your Wordpress Installation. Sucuri has also Warned Several Hosting Providers about the Vulnerability, including Godaddy, Dreamhost and WPEngine, Who've already Patched against the Issue.
Info Sources:
http://arstechnica.com/security/2015/05/actively-exploited-wordpress-bug-puts-millions-of-sites-at-risk
https://blog.sucuri.net/2015/05/jetpack-and-twentyfifteen-vulnerable-to-dom-based-xss.html
_Robot_Glove_Pics_1.jpg)
.jpg)
0 comentários:
Enviar um comentário