Maximize Your Market Share: A Guide to Boosting SEO with Share of Voice
Dec 17, 2024
Dec 17, 2024
Dec 17, 2024
Dec 16, 2024
Dec 16, 2024
Dec 14, 2024
Dec 14, 2024
Dec 14, 2024
Dec 12, 2024
Sorry, but nothing matched your search "". Please try again with some different keywords.
WordPress rolled out its new W6.4.2 update as an “emergency WordPress update” to fix a severe security issue. The platform also requests people to update to the latest version “as soon as possible.”
WordPress is one of the biggest website creation and hosting platforms, powering over 60% of all websites on the internet. Therefore, any security issue due to a bug in the tool can lead to the downfall of half of all websites on the internet.
Recently, after the WordPress 6.4.0 version update was rolled out, the developers found an irregularity in the program.
There appears to be a significant security vulnerability in the latest update that allows hackers to execute a PHP code and completely take control of a website.
As their developers explain, this security loophole was first seen in a new WordPress update. While this update is meant to improve HTML parsing while you are using the block editor, executing a PHP code there can lead to more malicious acts.
This feature was introduced in version 6.4.0. Therefore, only users using WordPress 6.4.0 and 6.4.1 are at risk here. You are not at risk here if you are still using an older version. However, the developers urge all users to update to the latest version.
This is what the WordPress developers have said regarding this issue:
“A Remote Code Execution vulnerability that is not directly exploitable in core, however the security team feels that there is a potential for high severity when combined with some plugins, especially in multisite installs.”
Moreover, this is what WordFence has to say regarding this vulnerability:
“Since an attacker able to exploit an Object Injection vulnerability would have full control over the on_destroy and bookmark_name properties, they can use this to execute arbitrary code on the site to gain complete control quickly.
While WordPress Core currently has no known object injection vulnerabilities, they are rampant in other plugins and themes. The presence of an easy-to-exploit POP chain in WordPress core substantially increases the danger level of any Object Injection vulnerability.”
Therefore, if you are using WordPress version 6.4.0 and above, we recommend you update WordPress immediately.
Also read
Mashum Mollah is the feature writer of SEM and an SEO Analyst at iDream Agency. Over the last 3 years, He has successfully developed and implemented online marketing, SEO, and conversion campaigns for 50+ businesses of all sizes. He is the co-founder of SMM.
View all PostsMaximize Your Market Share: A Guide to Boosti...
Dec 17, 2024Say Goodbye to Google AI Overview: A Quick Gu...
Dec 17, 202410 Must-Know Tips Before Hiring On-Page SEO S...
Dec 16, 2024What is Page Authority in SEO? Why It Matters...
Dec 16, 2024Mastering SEO Without Help: Can You Do SEO Yo...
Dec 14, 2024