Researcher goes public with WordPress CSP bypass hack

[ad_1]


John Leyden

01 June 2022 at 16:40 UTC

Updated: 01 June 2022 at 17:00 UTC

Technique skirts web security controls

A security researcher has discovered a neat, albeit partially developed, technique to bypass CSP (Content Security Policy) controls within WordPress environments

A security researcher has discovered a neat, albeit partially developed, technique to bypass CSP (Content Security Policy) controls using WordPress.

The hack, discovered by security researcher Paulos Yibelo, relies on abusing same origin method execution.

This technique uses JSON padding to call a function. That’s the sort of thing that might allow the compromise of a WordPress account…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *