all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core

Add to bookmarks
April 10, 2024, 5:05 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

WordPress 6.5.2 was released yesterday, on April 9, 2024. It included a single security patch, along with a handful of bug fixes. The security patch was for a Stored Cross-Site Scripting vulnerability that could be exploited by both unauthenticated users, when a comment block is present on a page, and by authenticated users who have access to the block editor such as contributors.


All Wordfence users are protected against exploits targeting this vulnerability through unauthenticated methods. Wordfence PremiumWordfence …

april block bug cross-site exploited fixes page patch scripting security security patch single unauthenticated vulnerability wordpress

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Graph: Growing number of threats leveraging Microsoft API 53 minutes ago | malware.news
api article blogs cloud +12
The Future of Passwordless Authentication in Cybersecurity an hour ago | malware.news
actions authentication biometric clicking +15
Vulnerability in CraftBeerPi 4 software an hour ago | malware.news
article cert cert polska cve +9
Operation PANDORA shuts down 12 phone fraud call centres 2 hours ago | malware.news
bank call cash customer +16
Security Awareness Service Release on April 29, 2024 3 hours ago | malware.news
april article awareness delivery +12
“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps 4 hours ago | malware.news
android android apps application applications +24
Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR 4 hours ago | malware.news
article blog community compass +11
Release Notes: YARA Search, New Rules, Config Extractors, and More 5 hours ago | malware.news
any.run april config data +22
2023 Activities Summary of SectorJ groups (KOR) 6 hours ago | malware.news
ransomware

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Premium Hub - CoE: Business Process Senior Consultant, SAP Security Role and Authorisations & GRC

@ SAP | Dublin 24, IE, D24WA02
View on infosec-jobs.com

Product Security Response Engineer

@ Intel | CRI - Belen, Heredia
View on infosec-jobs.com

Application Security Architect

@ Uni Systems | Brussels, Brussels, Belgium
View on infosec-jobs.com

Sr Product Security Engineer

@ ServiceNow | Hyderabad, India
View on infosec-jobs.com

Analyst, Cybersecurity & Technology (Initial Application Deadline May 20th, Final Deadline May 31st)

@ FiscalNote | United Kingdom (UK)
View on infosec-jobs.com
View more jobs