WordPress Ships 'Urgent' Security Update
Ryan Naraine writes on eWeek:
A security hole in the XML-RPC implementation allows unauthorized third parties to edit WordPress-powered blogs.More here.
Blogging software provider WordPress has shipped an "urgent" security update to fix an XML-RPC implementation flaw that allows unauthorized third-party editing of blog posts.
With WordPress 2.3.3, the open-source company patches a bug that could let attackers use specially crafted requests to edit posts of any other user on that blog. An attacker would need valid user credentials to edit posts by another user on the blog, WordPress said in an advisory.
0 Comments:
Post a Comment
<< Home