FullSecurity Team Report WordPress Vulnerabilities

Iranian hacking and security team FullSecuritywww.fullsecurity.org– have discover 2 vulnerability in WordPress is here:

WordPress 4.2.1 XSS/Code Execution

Exploit Uses Cross Site Scripting -XSS- Vulnerabilities in WordPress Plugins have execute code with administrator privilege All version of WordPress vulnerable before version 4.2.1

Full detail here: http://fullsecurity.org/acc/06/حفره-جدید-در-وردپرس-wordpress-4-2-1-xss-code-execution.htmly

New bug discover in WordPress which can used to upload arbitrary files using vulnerability in WordPress And also ability to run remote commands

RevSlider vulnerability mean  a remote attacker could exploit Ajax code vulnerability to hack WordPress Important bug as many web sites use WordPress RevSlider version 3.0.95 is vulnerable WordPress 4.2.3 version will fix vulnerabilities so patch your systems

Full detail is here: http://fullsecurity.org/acc/08/حفره-جدید-در-وردپرس-revslider-3-0-95-file-upload-execute.html

Leave a Reply

Your email address will not be published. Required fields are marked *