Pulagi yodziwika bwino ya WordPress yotchedwa "Easy WP SMTP Plugin" yokhala ndi makhazikitsidwe opitilira 1,000 angopeza chiwopsezo., zomwe zimalola wowukira kuwongolera tsamba. Vuto mu pulogalamu yowonjezera iyi ya WordPress limalola ma cyberpunks, bwerezani chinsinsi cha admin ndikupeza chilolezo chonse cha webusayiti.
Die festgestellte Sicherheitsanfälligkeit befindet sich in der Debug-Protokolldatei, yomwe ili pachiwopsezo chifukwa cha cholakwika chachikulu momwe plug-in imayendera chikwatu. Mapulagini chikwatu pa seva ndi owona, kusungidwa ndi ogwiritsa ntchito, zomwe nthawi zambiri zimakhala ndi index.html file yopanda kanthu. Cholinga cha fayiloyi ndikuchita izi, kuteteza wina, yendani ku fodayo ndikuwona mndandanda wamafayilo omwe ali mufodayo.
Ngati wina awonera mndandanda wamafayilo awa, angakhale akupeza mafayilowa, vuto ndi chiyani.
Foda, pomwe fayilo yolemba zolakwikayi ilipo, ilibe fayilo ya index.html. Pa maseva, pomwe mndandanda wazolozera suyimitsidwa, Mwachikhazikitso, slob yoyipa imatha kupeza fayiloyi.
Choyamba, amapeza dzina lolowera la admin kuchokera patsamba la WordPress. amayesa, kuthyolako pogwiritsa ntchito njira zodziwika.
Kenako amapita patsamba lolowera la WordPress ndikutumiza pempho kuti mukhazikitsenso password ya akaunti ya administrator.
Imawapatsanso mwayi wopeza mafayilo a log debug ndikubwezeretsanso ulalo wokhazikitsanso mawu achinsinsi, yotumizidwa ndi tsamba la WordPress. Mukalowa ulalowu, lowetsani, bwererani achinsinsi ndiyeno kusangalala ndi mwayi wonse kwa malo.
Dieses Schwachstellen-Plug-In verwaltet ein Änderungsprotokoll, yomwe imalemba zosintha zonse pazosintha zilizonse. Chosinthacho chiyenera kuwerengedwa, kuti wosuta azindikire, zomwe zidapangidwa.
Pamene chiwopsezo chapezeka, ndi zomwe opanga mapulagi-mu nthawi zambiri amapeza, kuti chiwopsezocho chidzachotsedwa. Izi zimapatsa wopanga WordPress chidziwitso, zomwe amafunikira, kupanga chisankho mwanzeru. Chizindikiro chosintha, kudziwitsa wofalitsa za izo, kuti kusinthaku kumayambitsa chiwopsezo chachitetezo, amalola wosindikiza, pangani chisankho chodziwitsidwa chokhudza kukonzanso pulagi, kupewa kuwukira owononga.
Zimalimbikitsidwa kwambiri, kuti onse ogwiritsa ntchito pulogalamu yowonjezera ya Easy WP SMTP amakweza ku mtundu wapamwamba kuposa mtundu 1.4.2 Kusintha.