Posted by Sucuri Oct 14, 2015
Quote:
|
During a routine audit for our WAF, we discovered a critical stored XSS vulnerability affecting Akismet, a popular WordPress plugin deployed by millions of installs.
|
https://blog.sucuri.net/2015/10/secu...ss-plugin.html
Quote:
|
A researcher from Sucuri notified us of an XSS vulnerability in the Akismet WordPress plugin. This bug affects all versions of the Akismet WordPress plugin since 2.5.0, but we have no evidence that it has been exploited in the wild.
|
http://blog.akismet.com/2015/10/13/a...1-5-wordpress/
If you are using the WP Akismet Plugin you will want to immediately upgrade the plugin or disable if unable to upgrade immediately.
https://wordpress.org/plugins/akismet/
As always FutureQuest encourages anyone running any scripts, such as
WordPress, to ensure they maintain the most up to date version and install
any patches released to reduce the chances of a compromise of your site.
This also includes any plugins, addons and themes...
It is always best to subscribe to any Security or Update mailing list provided
by the Authors of the script(s) you are running.
The FutureQuest Team
Linear Mode
