Popular website plugin harboured a serious 0-day for years

Every now and again security researchers stumble on the sort of bad security flaw that reminds us how innocuous-looking aspects of web development can suddenly turn dangerously hostile. An unnerving example is a vulnerability that Akamai’s Larry Cashdollar stumbled on earlier this year after encountering the hugely popular file upload plugin, jQuery File Upload, used to add user-friendly file upload capabilities like drag and drop to websites and web content management systems, including WordPress.

Read full news article on Naked Security

 


Date:

Categorie(s):