Content injection vulnerability – WindowsTechs.com

WordPress REST API Bug Could Be Used in Stored XSS Attacks

Posted on March 14, 2017 by Michael Mimoso

The recently patched REST API Endpoint vulnerability in WordPress could be leveraged to pull off stored cross-site scripting attacks. Continue reading WordPress REST API Bug Could Be Used in Stored XSS Attacks→

1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure

Posted on February 10, 2017 by Chris Brook

WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability. Continue reading 1.5M Unpatched WordPress Sites Hacked Following Vulnerability Disclosure→

WordPress Silently Fixed Privilege Escalation Vulnerability in 4.72 Update

Posted on February 2, 2017 by Chris Brook

WordPress silently fixed a serious content injection vulnerability when it pushed out its latest security release, 4.7.2, last week
Continue reading WordPress Silently Fixed Privilege Escalation Vulnerability in 4.72 Update→