WordPress close ‘critical’ xss leak




WordPress has released a new version which includes a “critical” vulnerability is resolved. The leak was found by a Belgian security researcher. Also two minor security problems are resolved.

WordPress logo The leak is according to the ICT security team from the US government so dangerous that website owners can best update as soon as possible to a new version of WordPress. All installations to 4.1.1 are vulnerable; version 4.1.2, which was released this week, solves the problem.

The leak was discovered in WordPress by Belgian security researcher Cedric Bockhaven. He discovered that WordPress contains a cross site scripting vulnerability which attackers own HTML and JavaScript code can be added to a website. In this case, an attacker may thus take over a site.

In addition, in WordPress solved two smaller bugs close smaller vulnerabilities. This concerns in particular for a less dangerous xss leak. Warns WordPress sure many developers of plugins recent days have released updates, and administrators of websites that can update the best too. It often happens that WordPress plugins are



In: Technology & Gadgets Asked By: [15597 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »