dcsimg

WordPress Version 4.5.2 Patches SOME and XSS Flaws

By HTMLGoodies Staff

WordPress has already released three security updates this year bringing the current version 4.5.2. WordPress also turned on free encryption for custom domains hosted on the platform. In an advisory published late last week, WordPress said the Plupload third-party file-upload library was plagued by a SOME vulnerability. SOME flaws are Same Origin Method Execution bugs where JSON callbacks are abused and lead to similar problems as cross-site scripting attacks. Researcher Ben Hayak presented on SOME flaws at Black Hat Europe two years ago and he provides some technical details in a blog post. Continue reading this story here



Make a Comment

Loading Comments...

  • Web Development Newsletter Signup

    Invalid email
    You have successfuly registered to our newsletter.

    By submitting your information, you agree that htmlgoodies.com may send you HTMLGOODIES offers via email, phone and text message, as well as email offers about other products and services that HTMLGOODIES believes may be of interest to you. HTMLGOODIES will process your information in accordance with the Quinstreet Privacy Policy.

  •  
  •  
  •  
Thanks for your registration, follow us on our social networks to keep up-to-date