Technology
WordPress security flaws: 800,000 sites running NextGen Gallery plugin potentially vulnerable to pwnage – The Daily Swig
Unpatched sites could get pwned – but admins must fall for social engineering
Unpatched sites could get pwned but admins must fall for social engineering
Users of NextGEN Gallery, the image management plugin for WordPress, have been urged to update their websites after the discovery of serious cross-site request forgery (CSRF) vulnerabilities.
The most serious of two flaws found by security researchers each residing in separate functions could lead to remote code execution (RCE) and stored cross-site scripting (XSS).
As a result, attackers could take control of a website,…
-
Noosa News19 hours agoQueensland GP accused of rape, sexual assault and torture pleads for bail despite ‘disturbing’ allegations
-
General19 hours agoDavid Littleproud’s own goal • Inside Story
-
General12 hours agoCoalition to chart path forward as family feud cooled
-
General22 hours agoDingo stabbed on K’gari (Fraser Island) after biting child