EU Regulating InfoSec: How Detectify helps achieving NIS 2 and DORA compliance
**Disclaimer: The content of this blog post is for general information purposes only and is not legal advice. We are very passionate about cybersecurity rules and …
Are you running WordPress 4.2.0 to 4.5.1? Time to upgrade to 4.5.2!
It was recently discovered that WordPress versions 4.2.0 to 4.5.1 are vulnerable against a reflected XSS vulnerability in a specific WordPress SWF-file: flashmediaelement.swf. The vulnerability could lead to leaked WordPress credentials, or be used as a stepping stone to more severe attacks.
3 things you can do to protect your website:
- Upgrade to WordPress version 4.5.2 as soon as possible.
- Remove the flashmediaelement.swf file (if you do not know how to proceed, the best option is to simply upgrade the WordPress-version).
- A third option is to limit the allowed IP addresses to your office or VPN IP.
As always, we recommend you to run regular security tests on your website to keep up with all the latest vulnerabilities.
Stay safe!
Check out more content
A practitioner’s guide to classifying every asset in your attack surface
TLDR: This article details methods and tools (from DNS records and IP addresses to HTTP analysis and HTML content) that practitioners can use to classify …
