Quoted journalist covering a competent security company during the last days of the existence of a critical gap at the level of blogging "PHP / WordPress platform" exploit allows exposing more than one million Web-site risk.
And by competent security company "Sucuri" there is a serious gap of XSS category at the level of WordPress platform, the gap is mainly found in one of the famous on the podium additives, is to add "Jetpack", and this gap is of concern to all copies of this addendum since 2012, and managed hackers broadcast JavaScript code in the site-specific comments.
And as soon as the user pressure on these comments, it is converted to fake websites where the user in turn will become the publisher of such kind of comments on the spam form, and it comes to a particular component "Shortcode Embeded" to add Jetpack in more than one million Web site on the platform WordPress.
0 comments:
Post a Comment