Christina Warren says, “

If your website runs on a self-hosted WordPress installation or on Drupal, update your software now.

Nir Goldshlager, a security researcher from Salesforce.com’s product security team, has discovered an XML vulnerability that impacts the popular website platforms WordPress and Drupal.

The vulnerability uses a well-known XML Quadratic Blowup Attack — and when executed, it can take down an entire website or server almost instantly.

This is a big deal because WordPress and Drupal are used by millions of websites. The latest statistics from the World Wide Web Consortium (WC3) show WordPress alone powers nearly 23% of the web”.

Major Security Vulnerability in WordPress, Drupal Could Take Down Websites

Mashable
Sharing is caring