Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
A
A
Alexey Tipa2019-03-19 14:15:25
XSS
Alexey Tipa, 2019-03-19 14:15:25

How do I know that my Wordpress site does not contain xss vulnerabilities?

I am noob.
Received a warning from the hosting company that the files are:
/home/moysite/public_html/wp-includes/formatting.php
/home/moysite/public_html/wp-includes/comment.php
/home/moysite/public_html/wp-admin /includes/ajax-actions.php
...XSS vulnerabilities found.
The current version of WP is 4.8.8
The panel proposes to upgrade WP to version 5.1.1
Will the upgrade be sufficient? Or do you need to do something special to protect yourself?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
A
Alex, 2019-03-19
@Kozack

Update DEFINITELY !
Most of the problems with the WP are due to outdated software and leaky plugins.
You don't have to worry about the core itself. If a vulnerability becomes known, the developers will fix it as quickly as possible. You only need to update on time.

Report
L
lamer350, 2019-03-19
@lamer350

https://blog.ripstech.com/2019/wordpress-csrf-to-rce/

Similar questions
T
Tema Ovchinnikov2017-05-02 03:29:48
Should I remove all characters from $_GET['submit']? 1Reply
K
komarevtsev2017-07-11 04:16:34
How to properly protect against xss? 3Reply
K
komarevtsev2017-07-21 09:38:05
XSS on page for internal use? 2Reply
N
NO1nam2020-01-24 15:40:37
How to replace the script? 3Reply
B
BonBon Slick2017-12-26 21:58:09
What are the main methods of protecting the service API? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question