Our Wordress portal is automatically updated to 4.2.1 on 28th.. So .. Kool :)
Cheers Naik On Thu, Apr 30, 2015 at 11:50 AM, pk <[email protected]> wrote: > A zer0 day vulnerability has been found in the word press 4.2 and earlier.The > WordPress content management system used by millions of websites is > vulnerable to two newly discovered threats that allow attackers to take > full control of the Web server. Jouko Pynnönen <http://klikki.fi/> discovered > the zero-day vulnerability in WordPress versions 4.2 and earlier, which > allows an attacker to use stored or persistent, cross-site scripting > (XSS) bugs <https://en.wikipedia.org/wiki/Cross-site_scripting> to embed > code into a WordPress comment field. From there, attackers can change > passwords, add new administrators, or take just about any other action > legitimate admins can perform.In this new WordPress vulnerability, the > malicious comment has to be at least 66,000 characters long > <http://wccftech.com/critical-wordpress-4-2-vulnerability/> and the > script will be triggered when the comment is viewed, check out the link > for more details. > > http://www.symantec.com/connect/blogs/wordpress-zero-day-exploit-patch-released > > > -- > You received this message because you are subscribed to the Google Groups > "NFORCEIT" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/nforceit. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "NFORCEIT" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send an email to [email protected]. Visit this group at http://groups.google.com/group/nforceit. For more options, visit https://groups.google.com/d/optout.
