banner

WordPress gets patch for critical XSS flaw

Written by Cio
WordPress gets patch for critical XSS flaw
  • Cio
  • 2 years ago

Developers of the popular WordPress blogging platform have released a critical security update to fix a vulnerability that can be exploited to take over websites.

WordPress 4.2.3, released Thursday, resolves a cross-site scripting (XSS) vulnerability that could allow users with the Contributor or Author roles to compromise a website, said Gary Pendergast, a member of the WordPress team, in a blog post.

While this is not as critical as a flaw that can be exploited without authentication, it still poses a high risk for many websites because the compromise of a single non-administrator user account can turn into a complete website takeover.

To read this article in full or to leave a comment, please click here

Read More

0 0
Article Tags:
· · · · ·
Article Categories:
Software

Leave a Comment

Your email address will not be published. Required fields are marked *