Categories: Wordpress

vulnerability / Security – WordPress Warns Users to Update 4.6.1

Recently, Google Webmaster has received a warning from WordPress for updating their Content Management System packages as soon as possible so that they can safeguard their domains from complicated WordPress vulnerabilities.

Back on Thursday, September 8, the CMS provider launched a security advisory along with the most recent WordPress version, 4.6.1. Presently available, the update fixes two serious issues related to WordPress securities, a path traversal security bug and a cross-site scripting flaw.

Back in July, Cengiz Han, a SumOfPwn researcher discovered the XSS vulnerability at the bug bounty project of the Summer of Pwnage, which lets hackers use a crafted image file, inject vulnerable JavaScript code into the software by uploading the image file to the WordPress.

In order to perform multiple actions, a hacker can misuse this vulnerability, with the inclusion of crafting login credentials and session tokens and remote execution of malicious code also.

From the WordPress team, Dominik Schilling reported the second serious hole which is a path traversal flaw discovered inside the upgrade package uploader.

WordPress has fixed these issues in version 4.6.1; however, every prior version of the CMS is ready to exploit. Even, further 15 bugs from WordPress 4.6 were also patched by the CMS provider, including plugin install infinite loop flaws, peculiar thumbnail behaviors, and email server setup problems.

It is to be noted that back in June, WordPress security experts cautioned that more than 10,000 WP sites were at risk of attack because of the discovery of 0-day flaw inside the WP Mobile Detector plugin. See how to protect WordPress website security, tips, malware, firewall

 

raghwendra

Me a freelance web developer from new delhi india. visit me

Share
Published by
raghwendra

Recent Posts

Benefits of Hiring Magento Custom Development in 2024

Choosing the perfect Magento Custom Development is quite a challenging task. As being a technical…

10 months ago

How to Choose the Best React JS Development Company in 2024

Usually finding a perfect React JS Development Company is a difficult task, but to simplify…

10 months ago

Tips to Choose Best Shopify Website Development Services

Have you ever worried about things that you should consider while choosing Shopify Website Development…

12 months ago

How Can SEO Company in India Help My Startup Grow?

Have you ever thought that is it important to hire an SEO Company in India…

12 months ago

Top Benefits of Magento Custom Development Services

You can easily grow your e-commerce business with Magento Custom Development Services from Raghwandra. Our…

1 year ago

Raghwendra The Best React JS Development Company

Every person who has an online business always wants seamless web development and smooth performance.…

1 year ago