• No events
AEC v1.0.4

Cyber Security Info

Critical WordPress vulnerability allows MITM attacks

May 28, 2014

Share Button

Security researcher Yan Zhu has found a critical vulnerability in the popular content management platform WordPress. The vulnerability allows attacker with control over the network (e.g. public Wi-Fi) to steal user’s “wordpress_logged_in” cookie and effectively take control over his/her account. The hack works even in the case of enabled two factor authentication.

Share Button