C?nh b�o v? l? h?ng b?o m?t XSS ch�a ��?c v� trong WordPress

C?nh b�o v? l? h?ng b?o m?t XSS ch�a ��?c v� trong WordPress

0-day Security WordPress xss

Theo ngu?n tin c?nh b�o t? group HVA th? WordPress �ang d�nh l? h?ng b?o m?t Stored XSS c?c k? nghi�m tr?ng t?i ph?n b?nh lu?n v� b�i vi?t (c? th? l� ? ti�u �? c?a b�i vi?t). T? �? x�c nh?n l?i b?ng c�ch ki?m th? v?i phi�n b?n WordPress 4.6.1 tr�n Localhost.

L? h?ng ?nh h�?ng t?i c�c phi�n b?n t? 4.6.1 tr? xu?ng (t?c l� bao g?m c? phi�n b?n m?i nh?t). Hi?n t?i ph�a WordPress ch�a c� b?n c?p nh?t n�o.

V?i hai l? h?ng XSS n�y, hacker ho�n to�n c� th? t?i web-shell l�n trang web c?a b?n. Xem video demo trong b�i vi?t n�y �? h?nh dung ��?c m?c �? nguy hi?m.
Read More

Unknown Pada 17:40 Komentar

Hack c�c trang WordPress tr�n shared server nh� th? n�o?

Hack c�c trang WordPress tr�n shared server nh� th? n�o?

Security Vulnerability WordPress

M?t trang web ch? an to�n nh� m?t x�ch y?u nh?t tr�n shared server c?a n�. M?t khi hacker chi?m ��?c quy?n truy c?p v�o m?t trang tr�n server, h? c� th? d? d�ng x�m nh?p v�o c�c trang kh�c n?m tr�n c�ng m�y ch? c� c�ng quy?n h?n. �i?u n�y g?i l� cross-site contamination. Khi �i?u t��ng t? x?y �?n v?i c�c trang web s? d?ng WordPress th? n� c�ng tr? n�n nguy hi?m v? c�c hacker �? n?m r? c?u tr�c core trong l?ng b�n tay.
Read More

Unknown Pada 00:17 Komentar

L? h?ng DOM XSS trong WordPress SEO by Yoast

L? h?ng DOM XSS trong WordPress SEO by Yoast

exploit Vulnerability WordPress xss

WordPress SEO by Yoast - DOM XSS Vulderability

M?t l? h?ng DOM XSS trong plugin WordPress SEO by Yoast �? ��?c b�o c�o 2 n�m tr�?c b?i m?t th�nh vi�n c� t�n t�i kho?n "badconker". T�c gi? c?a plugin n�i r?ng n� �? ��?c v� nh�ng nh� b?o m?t Charles Neill ph�t hi?n ra d�?ng nh� l? h?ng �? xu?t hi?n tr? l?i. N?u b?n �ang s? d?ng plugin n�y, t�i khuy�n b?n n�n c?p nh?t ngay l�n phi�n b?n m?i nh?t (2.2.1).

Read More

Unknown Pada 06:05 Komentar