Vulnerabilities in WordPress plugins with more than a million installations

Security researchers from Wordfence and WebARX have identified several dangerous vulnerabilities in five plugins for the WordPress web content management system, which together account for more than a million installations.

  • A vulnerability in the GDPR Cookie Consent plugin, which has more than 700 thousand installations. The issue is rated 9 out of 10 in severity (CVSS). The vulnerability allows an authenticated user with subscriber privileges to delete or hide (change the status to unpublished draft) any page of the site, as well as to replace the content of pages with their own.
    The vulnerability is fixed in release 1.8.3.

  • A vulnerability in the ThemeGrill Demo Importer plugin, which has more than 200 thousand installations (real attacks on sites have been recorded; after they began and information about the vulnerability appeared, the number of installations dropped to 100 thousand). The vulnerability allows an unauthenticated visitor to wipe the contents of the site's database and reset the database to a fresh-installation state. If the database contains a user named admin, the vulnerability also allows gaining full control over the site. The vulnerability is caused by a failure to authenticate a user who tries to send privileged commands through the /wp-admin/admin-ajax.php script. The issue is fixed in version 1.6.2.
  • A vulnerability in the ThemeREX Addons plugin, which is used on 44 thousand sites. The issue is rated 9.8 out of 10 in severity. The vulnerability allows an unauthenticated user to execute their own PHP code on the server and to replace the site administrator account by sending a special request through the REST API.
    Exploitation of the vulnerability has already been recorded in the wild, but an update with a fix is not yet available. Users are advised to remove this plugin as soon as possible.

  • A vulnerability in the wpCentral plugin, which has 60 thousand installations. The issue is rated 8.8 out of 10 in severity. The vulnerability allows any authenticated visitor, including those with subscriber privileges, to escalate their privileges to site administrator or to gain access to the wpCentral control panel. The issue is fixed in version 1.5.1.
  • A vulnerability in the ProfileBuilder plugin, which has about 65 thousand installations. The issue is rated 10 out of 10 in severity. The vulnerability allows an unauthenticated user to create an account with administrator privileges (the plugin lets you create registration forms, and a user can simply pass an additional field with the user role, assigning it the admin level). The issue is fixed in version 3.1.1.
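
The ProfileBuilder issue above is a registration handler that trusts a role field sent by the client. The following PHP is an added example, not ProfileBuilder's code and not part of the original article; the function names `example_register_unsafe` and `example_register_safe` and the field allowlist are hypothetical, and the code assumes it is loaded inside WordPress.

```php
<?php
// Added illustration: hypothetical handlers, not ProfileBuilder's code.
// Assumes it is loaded inside WordPress (wp_insert_user(), WP_Error, ...).

// Unsafe pattern: the whole submitted array reaches wp_insert_user(), so a
// client-supplied "role" field decides the new account's privileges.
function example_register_unsafe( array $post ) {
    return wp_insert_user( wp_unslash( $post ) );
}

// Hardened pattern: copy only allowlisted fields and set the role server-side.
function example_register_safe( array $post ) {
    $allowed  = array( 'user_login', 'user_email', 'user_pass', 'first_name', 'last_name' );
    $userdata = array();
    foreach ( $allowed as $key ) {
        if ( isset( $post[ $key ] ) && is_string( $post[ $key ] ) ) {
            $userdata[ $key ] = wp_unslash( $post[ $key ] );
        }
    }
    foreach ( array( 'user_login', 'user_email', 'user_pass' ) as $required ) {
        if ( empty( $userdata[ $required ] ) ) {
            return new WP_Error( 'missing_field', "Missing field: $required" );
        }
    }
    $userdata['user_login'] = sanitize_user( $userdata['user_login'], true );
    $userdata['user_email'] = sanitize_email( $userdata['user_email'] );
    if ( '' === $userdata['user_login'] || ! is_email( $userdata['user_email'] ) ) {
        return new WP_Error( 'invalid_field', 'Invalid login or e-mail address.' );
    }

    // A submitted role is never used; record it, since it signals probing.
    if ( isset( $post['role'] ) ) {
        error_log( 'registration: ignored client-supplied role field' );
    }

    // Use the site's default role, but refuse one that can administer the site.
    $role_name = get_option( 'default_role', 'subscriber' );
    $role      = get_role( $role_name );
    if ( ! $role || $role->has_cap( 'manage_options' ) ) {
        $role_name = 'subscriber';
    }
    $userdata['role'] = $role_name;

    return wp_insert_user( $userdata ); // new user ID (int) or WP_Error
}
```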

In addition, the discovery of a network for distributing trojanized WordPress plugins and themes is worth noting. The attackers placed pirated copies of paid plugins on fake directory sites, having first built a backdoor into them to gain remote access and download commands from a control server. Once activated, the malicious code was used to insert malicious or deceptive advertising (for example, warnings about the need to install an antivirus or update your browser), as well as for search engine optimization to promote the sites distributing the malicious plugins. According to preliminary data, more than 20 thousand sites were compromised with these plugins. The victims include a mining platform, a trading firm, a bank, several large companies, a developer of credit card payment solutions, IT companies, and others.

Source: opennet.ru
