WordPress XXE injection vulnerability could allow attackers to remotely steal host files


Jessica Haworth

27 April 2021 at 15:01 UTC

Updated: 27 April 2021 at 15:06 UTC

Researchers provide technical details of bug that was fixed in latest security release

An XML External Entity (XXE) injection bug in WordPress could allow attackers to remotely steal a victim’s files, researchers have revealed.

Security researchers at SonarSource who discovered the vulnerability published a blog post today (April 27) that provides technical details on the now-patched bug.

Read more of the latest…


More Info

About mblog.my

Check Also

Rocket.net Managed WordPress Hosting Platform Receives Strategic Investment from HostPapa | News

WEST PALM BEACH, Fla., May 12, 2021 /PRNewswire-PRWeb/ — Rocket.net, the complete Managed WordPress Hosting Platform, …

Leave a Reply

Your email address will not be published. Required fields are marked *