Posts

Showing posts with the label sucuri

Akismet XSS Vulnerability : Wordpress Security Update

Image
A scientist from Sucuri told us of a XSS vulnerability in the Akismet WordPress plugin. This bug influences all versions of the Akismet WordPress plugin since 2.5.0, however we have no confirmation that it has been misused in nature.  A vulnerability in Akismet found a week ago and due to fact that Akismet is a standout amongst the most broadly utilized plugins for WordPress, we needed to draw it out into the open.  Akismet is a comment spam channel for WordPress and when all is said in done, it makes an awesome showing. The Akismet team reported on their web journal a week ago that a cross website scripting (XSS) vulnerability had been found in all versions of Akismet since 2.5.0.  The vulnerability permits an hacker to post a remark on a WordPress site which will execute javascript in the WordPress administrator console. This is a normal XSS vulnerability example and one of the assaults it empowers would permit an aggressor to take a WordPress head's treats an...