Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Stored XSS glitch in WP-Super-Cache may affect over 1 million WordPress sites

Stored XSS glitch in WP-Super-Cache may affect over 1 million WordPress sites

2015/04/08

Softpedia - (International) Security researchers from Sucuri discovered a cross-site-scripting (XSS) vulnerability in WP-Super-Cache plug-in versions prior to 1.4.4 for WordPress sites that could allow attackers to add new administrator accounts to the Web sites or inject backdoors due to improper sanitization of information originating from users. The plugin currently has over 1 million active installations and developers released a new version repairing the issue.

Source: http://news.softpedia.com/news/Stored-XSS-Glitch-in-WP-Super-Cache-May-Affect-Over-1-Million-WordPress-Sites-477905.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:00