WordPress 5.1.1 patches dangerous XSS vulnerability

18 March 2019

Researchers have offered more detail on a recently patched vulnerability that would allow an attacker to take over a WordPress site using something as simple as a maliciously crafted comment. Discovered by RIPS Technologies, the flaw is a cross-site request forgery (CSRF) flaw that exists on any site running version 5.1 or earlier with default settings and comments enabled.

Read full news article on Naked Security

Date:

18 March 2019

Categorie(s):

NEWS

Tag(s):

Content-management Framework, Cross Site Request Forgery, Cross-Site Scripting, CSRF, Open Source, Open Source Software, Security Pro, Security Threats, Wordpress

With its new iPad, Apple’s Empire strikes back6 May 2024
Malware campaign attempts abuse of defender binaries6 May 2024
Microsoft unveils new security features for SOC teams to combat insider threats6 May 2024
BigID launches new hybrid scanning technology for enhance cloud data management6 May 2024
At RSA, Cisco launches bolsters in Security Cloud, built on Hypershield and Splunk6 May 2024