Apple

Security Update for WordPress and iOS


We have some alarming security update for WordPress and iOS. If you are using WordPress for your website and if you’re using iOS which most of the people I know 🙂 you need to continue reading this post.

Highly popular WordPress plugins vulnerableto XSS attacks. A security researcher from Scrutinizer discovered an issue with two coding functions used in many content management system (CMS) plugins created by WordPress developers that could allow attackers to run cross-site scripting (XSS) attacks and access sensitive areas of affected Web sites. The vulnerability was a result of improper documentation regarding external users’ ability to run commands via the functions.

Two functions widely used by WordPress developers to create plugins for the content management system (CMS) have been employed in a secure manner that allows ill-intentioned actors to run cross-site scripting attacks and reach sensitive areas of the website.

The list of vulnerable plugins contains at least 17 entries, some of them with over one million active installs, including Jetpack, WordPress SEO by Yoast, Google Analytics by Yoast, and All in One SEO Pack.

Source: http://news.softpedia.com/news/At-Least-17-Popular-WordPress-Plugins-Vulnerable-to-XSS-Attacks-478968.shtml

A bug in an older version of a widely used networking library for iOS and OS X, present in products from prominent developers, can be exploited to decrypt the secure traffic from an iOS app, allowing an attacker access to sensitive data like credentials and banking info.

Build 2.5.1 of open source AFNetworking is affected by a security vulnerability that disables SSL (secure sockets layer) certificate validation, permitting someone in a position to intercept the connection (man-in-the-middle attack) to read the encrypted information in plain text.

Almost 1,000 iOS apps are vulnerable

Source: http://news.softpedia.com/news/iOS-Apps-from-Developers-Vulnerable-to-HTTPS-Data-Decryption-478951.shtml

Advertisements

Categories: Apple, Online Buzz, Website

Tagged as: , ,

2 replies »

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s