WordPress Akismet XSS Vulnerability

Upgrade Akismet to at least version 3.1.5 to fix the security flaw.

This vulnerability affects everyone who uses Akismet version 3.1.4 or lower and has the WordPress “Convert emoticons to graphics on display” option enabled, which is the default on any new WordPress installation. The issue lies in the way Akismet handles hyperlinks inside the site’s comments, which could allow an unauthenticated attacker with good knowledge of WordPress internals to insert malicious scripts in the Comment section of the administration panel. This could lead to multiple exploitation scenarios, including a full site compromise. To protect your website against this exploit, please upgrade your Akismet plugin to at least 3.1.5. For more information from Akismet on this exploit, please read their press release.
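A quick way to check a site against the two conditions above, as an added example that is not part of the original article or Akismet's own tooling. It assumes WP-CLI is installed for the live check and that `use_smilies` is the stored option behind the "Convert emoticons to graphics on display" setting; the function names are illustrative.

```shell
#!/bin/sh
# Added example: report whether a site matches the condition in this advisory.
FIXED_VERSION="3.1.5"   # first fixed Akismet release, per the advisory

# version_lt A B: succeeds when dotted version A is strictly lower than B.
# Fields are compared as numbers, so 3.1.10 is newer than 3.1.5.
version_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*}; fb=${b%%.*}
        fa=${fa%%[!0-9]*}; fb=${fb%%[!0-9]*}   # drop suffixes such as "-beta"
        fa=${fa:-0}; fb=${fb:-0}               # a missing field counts as 0
        if [ "$fa" -lt "$fb" ]; then return 0; fi
        if [ "$fa" -gt "$fb" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1   # equal versions
}

# akismet_status VERSION USE_SMILIES: prints one of
#   exposed  - version below the fix and emoticon conversion enabled
#   outdated - version below the fix, emoticon conversion disabled
#   patched  - version 3.1.5 or later
akismet_status() {
    if ! version_lt "$1" "$FIXED_VERSION"; then
        echo patched
    elif [ "$2" = "1" ]; then
        echo exposed
    else
        echo outdated
    fi
}

# audit_site PATH: query a live install through WP-CLI (assumed to be installed).
audit_site() {
    ver=$(wp plugin get akismet --field=version --path="$1") || return 2
    # If the option cannot be read, assume the WordPress default (enabled).
    smilies=$(wp option get use_smilies --path="$1" 2>/dev/null) || smilies=1
    echo "akismet $ver: $(akismet_status "$ver" "$smilies")"
}

# Run the audit only when a WordPress path is given on the command line.
if [ $# -gt 0 ]; then audit_site "$1"; fi
```

A result of `outdated` still calls for the upgrade, since the emoticon setting can be switched back on at any time.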

Stormy Scott, Content Marketing Writer

Stormy is a Content Marketing Writer at InMotion Hosting. Her content focus is WordPress, web design, and help articles for small businesses.
