WordPress releases version 3.5.1, fixes 3 security issues

WordPress releases version 3.5.1, fixes 3 security issues

Summary: Yesterday's release of WordPress v3.5.1, fixes 37 bugs, including three security issues.

SHARE:
TOPICS: Security
1

Yesterday's release of WordPress v3.5.1, fixes 37 bugs, including three security issues.

The following security issues were addressed:

  • A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions.
  • Two instances of cross-site scripting via shortcodes and post content.
  • A cross-site scripting vulnerability in the external library Plupload.

Vulnerable WordPress installations are a common target for cybercriminals, who regularly use them as a foundation for launching malicious attacks.

WordPress users are advised to upgrade to the latest version immediatelly, as well as to go through this very informative article, discussing the most common malware infections that could possible affect them.

Find out more about Dancho Danchev at his LinkedIn profile.

Topic: Security

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Wut?!

    That's Sheldon Cooper! Not Dancho Danchev! Pen Name? ={P
    Jouten