WordPress ships 'mandatory' security update

WordPress ships 'mandatory' security update

Summary: Security vulnerability could allow a malicious Author-level user could gain further access to the WordPress-powered site.

SHARE:
TOPICS: Security
1

Maintainers of the open-source WordPress blog publishing platform has shipped a mandatory security  update to cover a potentially serious security vulnerability.

The vulnerability, rated moderate, could allow a malicious Author-level user could gain further access to the WordPress-powered site.

"You should update immediately even if you do not have untrusted users," according to a notice from the maintainers of the project.

The WordPress 3.0.2 update also fixes a flaw in the trackback whitelisting feature that allowed comment spammers to bypass certain security features.  A minor cross-site scripting issue was also addressed in this update.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • RE: WordPress ships 'mandatory' security update

    sdfvxcvc
    cvjknbkjhdsd