Blog

WordPress gets patch for critical XSS flaw

Posted by:

Developers of the popular WordPress blogging platform have released a critical security update to fix a vulnerability that can be exploited to take over websites.

WordPress 4.2.3, released Thursday, resolves a cross-site scripting (XSS) vulnerability that could allow users with the Contributor or Author roles to compromise a website, said Gary Pendergast, a member of the WordPress team, in a blog post.

While this is not as critical as a flaw that can be exploited without authentication, it still poses a high risk for many websites because the compromise of a single non-administrator user account can turn into a complete website takeover.

To read this article in full or to leave a comment, please click here

0


About the Author

We offers a proactive approach to IT support, Managed IT Services, Hosted Cloud Services, and IT Project Management. We are focused on anticipating and mitigating any IT infrastructure problems you might incur. We offer the most unique blend IT project consulting, complete cloud-based services, and network/server management techniques to provide a customized solution for any size business. We are the premier provider of Managed IT Services, IT Support Services, Hosted Cloud Servers, Hosted Microsoft Exchange Email, Hosted VoIP PBX and Outsourced IT solutions. We service Texas from our main offices in Austin, Dallas, Houston and San Antonio. Our unique blend of computer networking services, cloud-based offerings, and professional IT services are provided by certified IT consulting professionals. We strive to be your one source for all technology guidance, support, hardware, software, and telephony. Using cutting edge network management tools and expertise, We will monitor your company’s network activity 24x7x365 in an effort to correct emerging issues well before they escalate to a level that forces business as usual to cease.

# #