1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Flaw in WordPress caching plug-in could affect over 1 million sites

Discussion in 'Network World' started by RSS, Apr 8, 2015.

  1. RSS

    RSS New Member Member

    A vulnerability in the popular WP Super Cache plug-in for WordPress could allow attackers to inject malicious scripts into websites. The scripts, when loaded by administrators, could trigger unauthorized actions.

    WordPress websites are a popular target for hackers and many of them are compromised due to plug-in vulnerabilities. Just on Tuesday, the FBI warned that attackers sympathetic to the extremist group ISIS -- also known as ISIL -- have defaced many websites by exploiting known vulnerabilities in WordPress plug-ins.

    The persistent cross-site scripting (XSS) flaw in WP Super Cache can be exploited by sending a specifically crafted query to a WordPress website with the plug-in installed, according to Marc-Alexandre Montpas, a senior vulnerability researcher at Web security firm Sucuri.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page