Thursday, 23 July 2015

New WordPress Leak Less Serious Than First Announced


There is a new version of the popular content management system (CMS) WordPress appeared in which a leak is patched which is less severe than initially announced. The creators of WordPress announced this afternoon that there is a critical update to WordPress 4.2.2 was released.

A cross-site scripting (XSS) vulnerability would make it possible for anonymous users to fully take over websites. Meanwhile, the text of the notice is amended and the word "critical" removed. It also appears that anonymous users can not take over websites. The leak is about to fall only by users who have the role of author or contributor, according to the new text . The previous version is still in the cache to find Google. In addition to the XSS vulnerability is also fixed 20 bugs. Users are advised to go directly to their websites WordPress 4.2.3 update.

No comments:

Post a Comment