Warning: Wordpress security hole 5.2.3 - Remote Cross Site Host Modification - HOSTVN Blog

Diệp Quân November 21, 2019 0 Comments
wordpress security

Recently a security hole was found on the latest version of wordpress, version 5.2.3


wordpress security


Attack script



  • This attack can bypass simple WAF (Web Application Firewall) to access restricted content on web server, such as phpMyAdmin.

  • This attack could compromise your WordPress site with content from the default vhost.


Solution



  • Set security headers for webserver and no-cache for Cache-Control


There are no any updates from wordpress for this vulnerability and the POC (Exploit Exploiting Tool) has been spread publicly on the network. So you need to check and enhance the security of your website as well as backup data regularly to avoid unfortunate cases.



  • Instructions to use .htaccess file to enhance security for WordPress website

  • Some configuration settings in wp-config help improve WordPress security


The post Warning: Wordpress security vulnerability 5.2.3 - Remote Cross Site Host Modification appeared first on HOSTVN Blog.

Tags
Related Article
Diệp Quân

Posted byDiệp Quân

Nguyen Manh Cuong is the author and founder of the vmwareplayerfree blog. With over 14 years of experience in Online Marketing, he now runs a number of successful websites, and occasionally shares his experience & knowledge on this blog.

0 Comments

×