Today, Karim El Ouerghemmi discloses a critical WordPress vulnerability allowing any author, editor, administrator to delete any file of the installation, in any folder, without any tool.
WordPress Flaws and Vulnerabilities
WordPress has made some great strides in terms of security with the latest version releases. Despite all these efforts, flaws and vulnerabilities are always being discovered. It's important to keep an eye on them and make sure to install the proper security patches. Check out our articles regarding some flaws found on WordPress.
Today is a spooky day for WordPress, releasing a new security fix directly related to the last vulnerability fixed in 4.8.2.
Since days, WordPress has a password reset feature allowing any user to ask for a new password. This feature contains a vulnerability which might allow an attacker to get the password reset link without even being authenticated. This kind of attack could lead to an unauthorized access on the victim’s WordPress account.
Update your website now! Yes, this is it.
W3TC 0.9.4.1 is again on the radar today with these 4 new vulnerabilities. Discover them now!