all InfoSec news
Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core
Malware Analysis, News and Indicators - Latest topics malware.news
WordPress 6.5.2 was released yesterday, on April 9, 2024. It included a single security patch, along with a handful of bug fixes. The security patch was for a Stored Cross-Site Scripting vulnerability that could be exploited by both unauthenticated users, when a comment block is present on a page, and by authenticated users who have access to the block editor such as contributors.
All Wordfence users are protected against exploits targeting this vulnerability through unauthenticated methods. Wordfence Premium, Wordfence …
april block bug cross-site exploited fixes page patch scripting security security patch single unauthenticated vulnerability wordpress