On January 26, WordPress released a security update (4.7.2) to fix a set of vulnerabilities on its platform, including an SQLi and XSS vulnerability. They recommended that this version be installed immediately for security reasons. What they did not disclose was that a serious vulnerability existed in their REST API endpoint, which was introduced in the 4.7 version; however, this was fixed in version 4.7.2. WordPress released a blog post on February 1 that revealed the endpoint vulnerability. The announcement was initially delayed because they needed to inform security companies about the vulnerability, as well as help them build rules to block these attacks. This would prevent the numerous attacks that typically follow a disclosure. Kudos to the Wordpress team for taking immediate … [Read More...]
You are here: Home
Barracuda offers risk-free 30-day evaluations on all of our security and storage products. Visit this page to request yours.