04 May WordPress Zero-Day vulnerability, is this the end of the world?
No, but it’s very epic!
The latest news is that a Finland-based security firm has found a critical vulnerability in the core engine of the WordPress Content Management System (CMS).
What they have discovered is a Zero-Day flaw that could allow hackers to execute remote code on the webserver, taking over the CMS platform by simply adding comments on pages and posts.
An absolutely critical compromise, one that needs to be rectified quick smart.
In order to fix the security hole, upgrade WordPress to version 4.2.1 which will resolve the cross-site scripting vulnerability.
If you are not able to upgrade your WordPress version due to customisations, it has been advised to turn off all commenting within WordPress settings, however, ideally an upgrade must be actioned.
For an in depth update and a video demonstration of the actual vulnerability visit: http://thehackernews.com/2015/04/WordPress-vulnerability.html
If you would like some help with your WordPress upgrade, please get in touch below.
Latest posts by David Share (see all)
- 4 Biggest & Scariest Cyber Attack Threats to UK Businesses & How To Avoid Them - March 18, 2019
- Payroll Scam…You could literally lose your salary to cyber fraud - March 6, 2019
- Outlook 365 Clutter feature is closing down in January 2020 - February 26, 2019