Wordpress Super Cache Plugin - XSS Vulnerability


The Irrational One
Retired Staff
Just got this email from NCCIC.


National Cyber Awareness System:

WP Super Cache Cross-Site Scripting (XSS) Vulnerability

04/09/2015 05:59 PM EDT

Original release date: April 09, 2015

WP Super Cache, a WordPress plugin, contains a persistent XSS vulnerability in versions prior to 1.4.4. Exploitation of this vulnerability could allow a remote attacker to take control of the affected system.

Users and administrators are encouraged to review the WP Super Cache Changelog for more information and update to version 1.4.4 if affected.
WP Super Cache is one of the more popular Wordpress plugins, so definitely worth noting and updating.