X CLOSE

Enter your email below to sign up for latest updates from Appcheck NG.

Monthly Archives: May 2016

WordPress 4.5.1 Cross-Site Scripting (CVE-2016-4566)

WordPress versions 4.5.1 and earlier are affected by a XSS vulnerability through Plupload,the third-party library WordPress uses for uploading files. WordPress versions 4.2 through 4.5.1 are vulnerable to reflected XSS using specially crafted URIs through MediaElement.js, the third-party library used for media players. MediaElement.js and Plupload have also released updates fixing these issues. Scanning WordPress AppCheck NG includes […]

Read More

Critical Security Flaw in ImageMagick (imagetragick)

A vulnerability with a widely deployed image processing library was disclosed on the 5th of May 2016. Within an hour of the disclosure AppCheck NG was updated to detect the flaw. From the original advisory: “There are multiple vulnerabilities in ImageMagick, a package commonly used by web services to process images. One of the vulnerabilities can […]

Read More