04-27-2015, 09:02 AM
MrGusMuller
[!] CRITICAL Persistent XSS 0day in WordPress



Quote:
If your WordPress site allows users to post comments via the WordPress commenting system, you're at risk. An attacker could leverage a bug in the way comments are stored in the site's database to insert malicious scripts on your site, thus potentially allowing them to infect your visitors with malware, inject SEO spam or even insert backdoor in the site's code if the code runs when in a logged-in administrator browser.
...
Quote:
There's a few things you can do to prevent getting hacked before there's an official patch being released: You can disable comments on your site or leverage a Web Application Firewall to filter good requests from exploit attempts.
https://blog.sucuri.net/2015/04/crit...wordpress.html
__________________
StagCMS - Adult CMS - user friendly adult content management system - speed up your websites with no SQL connections
ICQ: 63*23*43*113

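One way to apply the "disable comments" mitigation quoted above site-wide until a patch is installed, as an added example that is not part of the original post or the linked advisory. It assumes a must-use plugin file dropped into `wp-content/mu-plugins/` (the file name `close-comments.php` is hypothetical) and uses only standard WordPress hooks.

```php
<?php
/**
 * Plugin Name: Temporary comment lockdown (constructed example)
 * Description: Closes commenting on every post while a comment-handling fix is pending.
 *
 * Assumed location: wp-content/mu-plugins/close-comments.php (hypothetical file name).
 * Must-use plugins load on every request and cannot be switched off from the admin UI.
 */

// Report comments and pingbacks/trackbacks as closed for every post.
// wp-comments-post.php checks comments_open() before accepting a submission,
// so this covers direct POSTs as well as the theme's comment form.
add_filter( 'comments_open', '__return_false', 100 );
add_filter( 'pings_open', '__return_false', 100 );

// Second layer: refuse any comment that still reaches the insert path
// (for example through another entry point that skips the check above).
add_filter( 'preprocess_comment', function ( $commentdata ) {
    wp_die(
        'Comments are temporarily disabled.',
        'Comments closed',
        array( 'response' => 403 )
    );
} );

// Stop themes from rendering comments that are already stored.
// This only affects front-end templates that call comments_template();
// it does not change what the wp-admin comment screens display.
add_filter( 'comments_array', '__return_empty_array', 100 );
```

Delete the file once the official fix is installed to restore normal commenting.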