PaulSpoerry.com

Social Media, technology, and geeky stuff for your brain.

  • Home
  • About
    • Privacy Policy
  • Categories
    • Google+ Posts
    • Site news
    • Tech
      • Android
      • Apple
      • Chrome
      • Gadgets
      • Hacking
      • Linux
      • OSX
      • Privacy
      • Web Life
        • Bittorrent
        • Facebook
        • FireFox
        • GMail
        • Google
        • Google+
        • Twitter
        • WordPress
        • Windows
          • Windows 7
    • Google+: Getting Started Guides
    • Games
    • Meditation
    • Politics
    • Science
    • That’s freakin hilarious
  • Code
    • FreeImageZoom
    • Post Editor for Google+™
    • The Plus Editor
  • Contact
You are here: Home / Google+ Posts / If you use WP-Super-Cache on WordPress upgrade immediately

If you use WP-Super-Cache on WordPress upgrade immediately

April 7, 2015 by Paul Spoerry Leave a Comment

 

As many as a million websites could be imperiled by a critical vulnerability recently discovered in WP-Super-Cache. The persistent cross-site scripting bug allows attackers to insert malicious code into WordPress-published pages that use the extension, according to a blog post published Tuesday by security firm Sucuri. Anyone who relies on the plug in should immediately upgrade to version 1.4.4, which has fixes for that bug and several others.

"Using this vulnerability, an attacker using a carefully crafted query could insert malicious scripts to the plugin’s cached file listing page. As this page requires a valid nonce in order to be displayed, a successful exploitation would require the site’s administrator to have a look at that particular section, manually.

When executed, the injected scripts could be used to perform a lot of other things like adding a new administrator account to the site, injecting backdoors by using WordPress theme edition tools, etc."

Info: http://blog.sucuri.net/2015/04/security-advisory-persistent-xss-in-wp-super-cache.html
Upgrade from your dashboard or: https://wordpress.org/plugins/wp-super-cache/

Check this out on Google+

Filed Under: Google+ Posts Tagged With: CrossSiteScripting, Wordpress, WPSuperCache

About Paul Spoerry

I’m a groovy cat who’s into technology, Eastern Thought, and house music. I’m a proud and dedicated father to the coolest little guy on the planet (seriously, I'm NOT biased). I’m fascinated by ninjas, the Internet, and anybody who can balance objects on their nose for long periods of time.

I have a utility belt full of programming languages and a database of all my knowledge on databases... I practice code fu. Oh, I've also done actual Kung Fu, and have a black belt in Tae Kwon Do.

I run. I meditate. I dance. I blog at PaulSpoerry.com, tweet @PaulSpoerry, and I'm here on Google+.

I'm currently work for IBM developing web enabled insurance applications for IBM and support and develop a non-profit called The LittleBigFund.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Copyright © 2023 · Epik on Genesis Framework · WordPress · Log in