On November 24, the New York State Office of Information Technology Services issued an advisory regarding multiple vulnerabilities in WordPress content management versions prior to 4.0.1.
“Successful exploitation of the vulnerabilities could result in an attacker gaining unauthorized access, by passing security restrictions, injecting scripts or HTML, and stealing cookies. Depending on the privileges gained, an attacker should install programs; view change or delete data; or create user accounts with full user rights.”
WordPress manages web content for close to a fifth of websites on the Internet and is therefore an appealing target for hackers. It is also highly-exploitable due to many vulnerabilities in WordPress forms.
The risk is considered to be high for businesses large and small, government entities, and home users alike. EdgeWave’s EPIC iPrism web threat protection blends Military Grade human analysis with Zero Minute Defense, an exclusive behavior-based technology that detects cyber threats in real-time. Visit www.edgewave.com or call 1-800-782-3762 to see how easy and affordable it is to defend your valuable information assets.