[WordPress Security] Serious Vulnerability in the WPML Plugin

DanN

antreprenor
Registered
Full Member
Freelancer
Web Designer
Several serious vulnerabilities have been disclosed in the WPML plugin for WordPress. Jouko Pynnonen, the CEO of Finland-based IT company Klikki Oy disclosed the vulnerabilities earlier this week. They include:
  • SQL injection which gives full access to the WordPress database.
  • Page, post and menu deletion by an unauthenticated attacker.
  • Reflected XSS
  • Unauthenticated administrative functions.
SecurityWeek is also covering this issue.

What to do: Upgrade immediately to WPML version 3.1.9 which was released earlier this week and resolves these issues.

Regards,
Mark Maunder
Wordfence Founder & CEO
Nu am mai stat sa traduc aceasta notificare din partea Wordfence
 
am si eu cateva notificari de postat pe aceasta tema. :D
Cine vrea in limba romana sa foloseasca functia de la chrome pentru a traduce.
Ideea este urmatoarea: update>update>update...
 
Loading...
Back
Sus