Skyscraper Technique In SEO: The Best Way To Gain Backlinks In 2024
Apr 26, 2024
WordPress Update Rolls Out Version 6.4.2 To Address Critical Security Issue.
WordPress rolled out its new W6.4.2 update as an “emergency WordPress update” to fix a severe security issue. The platform also requests people to update to the latest version “as soon as possible.”
WordPress is one of the biggest website creation and hosting platforms, powering over 60% of all websites on the internet. Therefore, any security issue due to a bug in the tool can lead to the downfall of half of all websites on the internet.
Recently, after the WordPress 6.4.0 version update was rolled out, the developers found an irregularity in the program.
There appears to be a significant security vulnerability in the latest update that allows hackers to execute a PHP code and completely take control of a website.
As their developers explain, this security loophole was first seen in a new WordPress update. While this update is meant to improve HTML parsing while you are using the block editor, executing a PHP code there can lead to more malicious acts.
This feature was introduced in version 6.4.0. Therefore, only users using WordPress 6.4.0 and 6.4.1 are at risk here. You are not at risk here if you are still using an older version. However, the developers urge all users to update to the latest version.
This is what the WordPress developers have said regarding this issue:
“A Remote Code Execution vulnerability that is not directly exploitable in core, however the security team feels that there is a potential for high severity when combined with some plugins, especially in multisite installs.”
Moreover, this is what WordFence has to say regarding this vulnerability:
“Since an attacker able to exploit an Object Injection vulnerability would have full control over the on_destroy and bookmark_name properties, they can use this to execute arbitrary code on the site to gain complete control quickly.
While WordPress Core currently has no known object injection vulnerabilities, they are rampant in other plugins and themes. The presence of an easy-to-exploit POP chain in WordPress core substantially increases the danger level of any Object Injection vulnerability.”
Therefore, if you are using WordPress version 6.4.0 and above, we recommend you update WordPress immediately.
Also read
Debamalya is a professional content writer from Kolkata, India. Constantly improving himself in this industry for more than four years, he has amassed immense knowledge regarding his niches of writing tech and gaming articles. He loves spending time with his cats, along with playing every new PC action game as soon as possible.
View all PostsRecent Posts
Skyscraper Technique In SEO: The Best Way To ...
Apr 26, 2024
The Best Broken Link Building Guide To Get Mo...
Apr 26, 2024
Tips to Work on Marketing in Your Company
Apr 24, 2024
SEO Evolution: Exploring Latest Updates and T...
Apr 03, 2024
Creating Successful Marketing Automation Stra...
Apr 01, 2024
