// archivio

wordpress exploit

Questo tag è associato con 1 articoli



12 Ago/09

WordPress 2.8.4 Security Update

WordPress 2.8.4 Security Update

(adsbygoogle = window.adsbygoogle || []).push({}); We noticed a security vulnerability in WordPress 2.8.3 yesterday (and earlier versions as well) that allowed an attacker to reset passwords of users. While this vulnerability could not be exploited to gain access to the user account (unless access to the email account the password was send to was available as well) it could be used to annoy those users especially when combined with an automated script that would reset...

11 Ago/09

WordPress Remote Admin Password Reset Vulnerability

WordPress Remote Admin Password Reset Vulnerability

(adsbygoogle = window.adsbygoogle || []).push({}); The password of my WordPress admin account was not valid when I tried to login today. I first thought it was a problem with the LastPass password manager and tried to see if I was still logged into the service. When I checked my email inbox I noticed that I have received a new password for the account. That was strange since I did not request a new password. It was not that much of a concern to me as I thought that someone...