Recent WordPress vulnerability used to deface 1.5 million pages

Up to 20 attackers or groups of attackers are defacing WordPress websites that haven’t yet applied a recent patch for a critical vulnerability.

The vulnerability, located in the platform’s REST API, allows unauthenticated attackers to modify the content of any post or page within a WordPress site. The flaw was fixed in WordPress 4.7.2, released on Jan. 26, but the WordPress team did not publicly disclose the vulnerability’s existence until a week later, to allow enough time for a large number of users to deploy the update.

To read this article in full or to leave a comment, please click here

Story added 10. February 2017, content source with full text you can find at link above.

Recent WordPress vulnerability used to deface 1.5 million pages

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts