New WordPress update a must for users
Posted on 23 April 2012.
A new stable version of the popular free open source blogging tool WordPress is available for download, and users are advised to do get a move on and install it, as it's a security update for all previous versions.

Among the external libraries used by WordPress that have also received security updates are Plupload and SWFUpload (for uploading media), and SWFObject (for embedding Flash content).

A number of additional security vulnerabilities have been addressed in WordPress 3.3.2:
  • a limited privilege escalation that allowed site administrators to deactivate network-wide plugins when running a WordPress network under particular circumstances,
  • a XSS vulnerability that was possible to exploit when making URLs clickable, and
  • several other XSS flaws that affected the handling of post-comment redirects and URL filtering.
Current users can download the update from the Dashboard -> Updates menu in their site’s admin area.






Spotlight

Successful strategies to avoid frequent password changes

Posted on 19 August 2014.  |  After a widespread, nonspecific data breach, the conventional wisdom is that people should change all their passwords. But, there’s a better way.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //