2nd July 2018/ CYBER NEWS
WordPress fix long overdue
It’s now seven months since researchers notified WordPress that its CMS contained a vulnerability that allows a user with limited privileges to deploy the ‘thumbnail delete’ function to take control of a website.
So far, WordPress has failed to issue a fix; despite the fact that a malicious party – whether an external hacker who has nefariously gained accreditation or a malicious employee abusing their author account – could exploit this glitch to execute code, delete content or hijack the site by issuing a new admin account.
While a hotfix can be implemented to resolve the issue, it is hoped that the eagerly-awaited update of the WordPress CMS software will rectify the problem once and for all.