Recent reports from Web security firm, Sucuri reveals that a WordPress plugin vulnerability affecting all websites that are using genericons package.
Other people are reading : Apple Wants To Make Spotlight Into A Serious Web Search Engine
Over one million sites which are using the TwentyFifteen theme and JetPack plugin are vulnerable. Actually any plugin which includes example.html is vulnerable as this file comes with genericons package.
How to fix WordPress Genericons Package Vulnerability:
It is really easy to fix genericons package vulnerability. You just need to remove the example.html file from genericons package, as this is an unnecessary file.
Sucuri has decteted this vulnerability even before it was disclosed. Due to the quick response time, this vulnerability have low severity.
Also See : Vulnerability Found in Latest Versions of WordPress, Patch Now Available
Lets see some more technical details of genericons package vulnerability:
Here is the list of hosts that have rolled out the virtual patch:
Also read : ISIL Defacements Exploiting WordPress Vulnerabilities
If your website is hosted on any one of these hosting providers then you need not to worry about genericons package vulnerability. But if your website is hosted with some different hosting provider, then you have to manually fix this issue. I personally recommend you to remove the example.html from genericons directory to secure your site.
 |
| Millions of WordPress Websites Affected By Plugin Vulnerability : eAskme |
Over one million sites which are using the TwentyFifteen theme and JetPack plugin are vulnerable. Actually any plugin which includes example.html is vulnerable as this file comes with genericons package.
How to fix WordPress Genericons Package Vulnerability:
It is really easy to fix genericons package vulnerability. You just need to remove the example.html file from genericons package, as this is an unnecessary file.
Sucuri has decteted this vulnerability even before it was disclosed. Due to the quick response time, this vulnerability have low severity.
Also See : Vulnerability Found in Latest Versions of WordPress, Patch Now Available
Lets see some more technical details of genericons package vulnerability:
Here is the list of hosts that have rolled out the virtual patch:
- ClickHost
- DreamHost
- GoDaddy
- HostPapa
- Inmotion
- Pressable
- Pagely
- WPEngine
- SiteGround
- Site5
- Websynthesis
Also read : ISIL Defacements Exploiting WordPress Vulnerabilities
If your website is hosted on any one of these hosting providers then you need not to worry about genericons package vulnerability. But if your website is hosted with some different hosting provider, then you have to manually fix this issue. I personally recommend you to remove the example.html from genericons directory to secure your site.
