WordPress Plugin Exploit Alert: Wordfence Security
Secunia has reported a XSS vulnerability in WordPress security plugin Wordfence Security, which can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
The vulnerability affects versions 3.3.5 and prior, and has been patched in the latest version (3.3.7). If you’re using this plugin, please update ASAP
The vulnerability was discovered by Eugene Dokukin aka MustLive.
See Also
XSS and IAA vulnerabilities in Wordfence Security for WordPress
Secunia Advisories release 15 – 20 daily security alerts compiled by IT experts. Sign up to receive third party software and Windows security alerts.