WordPress fix long overdue

      Comments Off on WordPress fix long overdue

WordPress website It’s now seven months since researchers notified WordPress that its CMS contained a vulnerability that allows a user with limited privileges to deploy the ‘thumbnail delete’ function to take control of a website.

So far, WordPress has failed to issue a fix; despite the fact that a malicious party – whether an external hacker who has nefariously gained accreditation or a malicious employee abusing their author account – could exploit this glitch to execute code, delete content or hijack the site by issuing a new admin account.

While a hotfix can be implemented to resolve the issue, it is hoped that the eagerly-awaited update of the WordPress CMS software will rectify the problem once and for all.

Read more at https://thehackernews.com/2018/06/wordpress-hacking.html

Share