Friday, May 5, 2017

Unpatched WordPress Password Reset Vulnerability Lingers

From ThreatPost:

Unpatched WordPress Password Reset Vulnerability Lingers

"A zero-day vulnerability exists in WordPress Core that in some instances could allow an attacker to reset a user’s password and gain access to their account.

Researcher Dawid Golunski of Legal Hackers disclosed the vulnerability on Wednesday via his new ExploitBox service. All versions of WordPress, including the latest, 4.7.4, are vulnerable, the researcher said."

No comments:

Post a Comment