WordPress 2.8.6 Actualizari de securitate

13 Noi 09 by IDGLabs.RO in CMS, Wordpress CMS

WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges.

If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.

Thanks to Benjamin and Dawid for finding and reporting these.

WordPress 2.8.6 is available for download here.

http://wordpress.org/download/

Here’s a a list of 5 practical plug-ins that extend WordPress’ functionality in the security arena.

wordpress update download WordPress 2.8.6 Actualizari de securitate wordpress cms cms WordPress 2.8.6 cu aceasta nou versiune se “acopera” citeva probleme de securitate privind utilizatorii inregistrati, si care au permisia de a scrie in blogul dvs

Daca aveti utilizatori inregistrati si nu aveti multa incredere in ei, trebuie sa actualizati blogul dvs.

Problema descoperita se refera la o vulnerabilitate in XSS care a fost descoperita de catre Benjamin Flesch.

Alta problema a fost descoperita de catre Dawid Golunski, acest “bug” se refere la posibilitate de a schimba anumite configuratii pe serverele Apache in momentul cind se face Upload.

WordPress 2.8.6 poate fi descarcat de la urmatoarea adresa.

http://wordpress.org/download/

Return to top

Tagged: actualizati, download, privileges, securitate, security arena, security problems, update, Wordpress, XSS

WordPress 2.8.6 Actualizari de securitate

Cautare in site

Categories

Aveti un site cu putin vizite?

Traficul viral este o tehnica de promovare web

Facebook