The Latest in IT Security

Recent WordPress vulnerability used to deface 1.5 million pages

13
Feb
2017
Recent WordPress vulnerability used to deface 1.5 million pages

wordpress-552924-100696513-large

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven’t yet applied a recent patch for a critical vulnerability.

The vulnerability, located in the platform’s REST API, allows unauthenticated attackers to modify the content of any post or page within a WordPress site. The flaw was fixed in WordPress 4.7.2, released on Jan. 26, but the WordPress team did not publicly disclose the vulnerability’s existence until a week later, to allow enough time for a large number of users to deploy the update.

Read More

Leave a reply


Categories

SATURDAY, SEPTEMBER 23, 2017

Featured

Archives

Latest Comments

Social Networks