Mega-popular blogging and content management system WordPress has just put out version 3.6.1.
Since it’s a maintenance release (an update from 3.6), it doesn’t have a huge raft of new features, but it does fix three security holes.
One of them is a Remote Code Execution vulnerability reported by a young Belgian web application security researcher named Tom Van Goethem.
Now that the fix is out, Van Goethem has published a very detailed description of the bug and the steps he went through to uncover it.
SOURCE: nakedsecurity.sophos.com