Knowledgebase-Discussions

WordPress 3.0.4 Important Security Update
31 Dec 2010 04:53 PM

    Here is a critical upgrade for WordPress users or webmasters to secure the WordPress blog from being hacked. Today, WordPress team released a critical upgrade as WordPress 3.0.4 as a security update for XSS vulnerability. There was a bug in WordPress sanitation library called KSES which may cause XSS Vulnerability. That means, malicious attackers may put some client side script in your blog’s web pages which may revoke your access to the admin dashboard.

    wordpressThru Cross-site Scripting i.e. XSS, people can bypass the client side security mechanism and  inject their script in your web pages or web applications. As per some reports on web, there are people who’s blogs were hacked due to such incident. Specially when you hosting server is not much secured, this kind of hack is possible without much effort. That’s why I always encourage newbies to avoid free hosting service providers. If you don’t want to spend much on hosting servers, then you should try free blogging platforms like Blogspot or WordPress.com.

    Anyways, here is the link to download WordPress 3.0.4 and upgrade your WordPress files. You may try upgrading from dashboard by using Auto-upgrade option as well.

    Tags: wordpress, release, XSS, security, Wordpress
    You are not authorized to post a reply.
    Discussions > Knowledgebase > Product Releases

    Tags

    Administration video RadEditor HTML file manager editor Getting Started module page security page management security roles delete control panel Document Manager DotNetNuke recycle bin taxonomy tags DMS release Permissions Admin DNN news articles tables Administrator wordpress user folder tab text vocabulary password template pages restore tutorial Ventrian News Article email user profile profile images cache Workflow links Document add provider Modules XSS maintenance Products blog