Category: Web Application Vulnerabilities

WordPress 2.3-4.8.2 – Host Header Injection in Password Reset – FIXED

WordPress 2.3-4.8.2 – Host Header Injection in Password Reset – FIXED

I fixed and personally sent the FIX for the known vulnerability such as CVE-2017-8295, which allows the administrator’s password reset in a WordPress site. I lowered the level of website advertising (I removed the popup) and will continue to lower them in the hope that there will be new donations for the work that we […]

Continue Reading