以下这封邮件是来自ICDSoft,从这个地方也可以看出ICDSoft是一体值得信赖的主机提供商。Sucuri安全公司的研究人员发现,所有使用genericons图标字体数据包的WordPress插件或主题均受到基于DOM的跨站脚本漏洞,原因是genericons中包含一个不安全的文件example.html。但请根据这封邮件的提示,升级你的WordPress或者删除这个文件。
Dear xxx,
Recently, a critical 0-day vulnerability was discovered in the Genericons package, which comes with the popular Jetpack plugin and the TwentyFifteen theme of WordPress. The latter is installed by default with all recent WordPress installations/updates. The vulnerability represents a DOM-based XSS (cross-site scripting), and it allows attackers to modify the execution of scripts in the user/visitor browser. For example, if a site administrator is tricked to click on a link while logged in to the WordPress site, the attacker could gain control over the site.
As the vulnerability affects millions of sites on the Internet, we took proactive steps to secure automatically all WordPress installations on our servers. On May 6, we set permissions 000 to the "genericons/example.html" files on your accounts, and later deleted these files from the server. A full list of the affected files can be found below.<!--more-->
The "example.html" file is not necessary for the operation of a WordPress installation.
A general security precaution is to always keep your software up to date, along with its plugins and themes.
If you need any additional information, you can always contact us through our support site http://www.suresupport.com.
Best regards,
ICDSoft Team
----------------------
Domain name xxx.com:
- /home/xxx/xxx/www/wp-content/themes/twentyfifteen/genericons/example.html
----------------------
NOTE: This message comes from a "noreply" mailbox. Please do not reply directly to it. If you need to get in touch with us, please use our support ticketing system at http://www.suresupport.com.
如果你也是ICDSoft的用户,那你放心吧,客服已帮你清除此脚本漏洞。