Tag Archives: been-patched

A critical zero-day WordPress XSS vulnerability disclosed late Sunday night has been patched with the Monday release of WordPress 4.2.1. The cross-site scripting vulnerabilityallows an attacker to execute malicious code via plugin and theme editors when an administrator running WordPress 4.2 views a JavaScript-injected comment. Continue reading →