WordPress Hack With A Single Comment
From the blog ayeshajamal*WordPress 4.2 was launched a few days ago and only in a couple of hours version 4.2.1 was released and was touted a ‘Critical Security Update‘. That was because of a cross-site-scripting (XSS) vulnerability that could cause WordPress hack with just a single comment.* *[image: WordPress Hack]* *[image: wordpress hack]* *Finnish security researcher,Jouko Pynnönen, discovered a critical zero-day vulnerability in the core engine of the WordPress content management system. This vulnerability allowed WordPress sites to be hacked using a single comment. Generally, WordPress comments have to be approved by the Admin, but what happens is that hackers write a harmless comment and get themselves approved. After that they inject the comment with the hacking code into the website.* *pakistanblogs.blogspot.comOpen Full Post