WordPress Issues Critical Update

Anthony Pell

1 min read Dec 30, 2010

WordPress has detected and fixed a cross-site scripting (XSS) vulnerability. WordPress 3.04 contains the fix that founder Matt Mullenweg calls "critical." Hosted WordPress.com customers don't need to worry, as security updates happen automatically for them.

XSS attacks can be used to steal login information or other sensitive information from visitors to a particular site. According to ReadWriteWeb staff hacker Tyler Gilles, this is similar to XSS vulnerability that affected Twitter users recently. He notes that WordPress's fix is similar to Twitter's.

The vulnerability was found in KSES, WordPress's HTML sanitation library. WordPress was first notified of the issue by Mauro Gentile and Jon Cave.

The link for this article located at ReadWriteHack is no longer available.

Get the Latest News & Insights

News

Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Advisories

Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
HOWTOs

Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Features

Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
About Us

Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Powered By

Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.

WordPress Issues Critical Update

Anthony Pell

Get the Latest News & Insights

LinuxSecurity Poll

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By