WordPress closes serious security hole

A week before the release of version 3.9, WordPress patched a critical vulnerability in its content management system that allowed attackers to gain access via forged authentication cookies. Three less severe vulnerabilities have also been closed.

The vulnerability affects not only version 3.8, which the patch brings to version 3.8.2, but also version 3.7 and the early version of 3.9; WordPress has released updates for those versions as well. The issue the patch is meant to close is tracked as CVE-2014-0166. The vulnerability was discovered by WordPress itself.

In addition to this critical vulnerability, three less urgent patches have been released and nine bugs have been fixed. For example, one patch helps hosts handle potentially malicious requests when processing pingbacks, a SQL injection flaw has been fixed, and the ability to perform cross-domain scripting via the Plupload library has been removed. WordPress updates automatically for those who have set it up that way; others will have to update the CMS themselves.
