WordPress Hit by Password-Reset Vulnerability

Researchers are sounding the alarm for a serious administrator password-reset vulnerability affecting the latest version of WordPress, the popular open-source blog publishing platform.
The flaw, which can be exploited via the browser, gives an attacker a trivial way to compromise the admin account of any WordPress of WordPress MU (multiple user) installation.  Read the full story [zdnet.com]  Also see ISC SANS diary entry [sans.org]

Researchers are sounding the alarm for a serious administrator password-reset vulnerability affecting the latest version of WordPress, the popular open-source blog publishing platform.

The flaw, which can be exploited via the browser, gives an attacker a trivial way to compromise the admin account of any WordPress of WordPress MU (multiple user) installation.  Read the full story [zdnet.com]  Also see ISC SANS diary entry [sans.org]

 

Suggested articles