Advertisement
Top

WordPress 4.7.5 release addresses six security vulnerabilities

May 19, 2017

Via: Security Affairs
Category:

The WordPress 4.7.5 release patches six vulnerabilities affecting version 4.7.4 and earlier. The latest version addresses cross-site scripting (XSS), cross-site request forgery (CSRF), and server-side request forgery (SSRF) flaws.

Below the list of the security issues fixed with the last update:

Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing.

Improper handling of post meta data values in the XML-RPC API. Reported by Sam Thomas.

Lack of capability checks for post meta data in the XML-RPC API. Reported by Ben Bidner of the WordPress Security Team.

Read More on Security Affairs

RELATED PUBLICATIONS

Over 91,000 LG smart TVs running webOS are vulnerable to hacking
Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric
Authorities Take Down Seller of Widely Used RAT Malware

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
FIN7 targeted a large U.S. carmaker with phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!