Iranian Hackers Reveal WordPress Vulnerabilities

May 12, 2015

On May 10, 2015, the Iranian hacker group FullSecurity announced the discovery of two vulnerabilities in the WordPress platform. The vulnerabilities related to cross site scripting in WordPress plugins, and apply to all versions prior to 4.2.1. They allow the malicious uploading of arbitrary files that enable remote commands.

Source:, May 10, 2015.