all InfoSec news
The WordPress 6.4.3 Security Update – What You Need to Know
Malware Analysis, News and Indicators - Latest topics malware.news
Today, January 30, 2024, WordPress released version 6.4.3, which contains two security patches for longstanding, albeit minor, security concerns in WordPress Core.
The first patch addresses an issue that allows users with Administrator (or Super Administrator on Multisite) privileges to upload PHP files directly to a site via the Plugin and Theme file upload mechanism. This is only a concern in heavily locked-down configurations that disallow Administrators and Super Administrators from installing plugins and themes via a separate mechanism. …
addresses administrator files issue january patch patches php privileges security security concerns security patches security update super today update upload version wordpress