Na blogu Sucuri dnes vy\u0161lo upozorn\u011bn\u00ed na zranitelnost, kter\u00e1 zas\u00e1hne doslova miliony u\u017eivatel\u016f po cel\u00e9m sv\u011bt\u011b. \u010casto pou\u017e\u00edvan\u00e9 funkce add_query_arg a remove_query_arg je pot\u0159eba p\u0159ed jejich pou\u017eit\u00edm escapovat, proto\u017ee samy o sob\u011b escapov\u00e1n\u00ed neobsahuj\u00ed.<\/p>\n

\u0158ada v\u00fdvoj\u00e1\u0159\u016f v\u0161ak spol\u00e9h\u00e1 na Codex, kde toto nen\u00ed jasn\u011b uvedeno. Probl\u00e9m byl detekov\u00e1n t\u00fdmek kolem pluginu WordPress SEO by Yoast a tento plugin ji\u017e m\u00e1 bezpe\u010dnostn\u00ed aktualizaci.<\/p>\n

Seznam plugin\u016f, kter\u00fdch se probl\u00e9m t\u00fdk\u00e1:<\/p>\n

\n
• Jetpack<\/a><\/li>\n
• WordPress SEO<\/a><\/li>\n
• Google Analytics by Yoast<\/li>\n
• All In one SEO<\/li>\n
• Gravity Forms<\/li>\n
• V\u00edce plugin\u016f od\u00a0Easy Digital Downloads<\/a><\/li>\n
• UpdraftPlus<\/li>\n
• WP-E-Commerce<\/li>\n
• WPTouch<\/li>\n
• Download Monitor<\/a><\/li>\n
• Related Posts for WordPress<\/a><\/li>\n
• My Calendar<\/a><\/li>\n
• P3 Profiler<\/li>\n
• Give<\/a><\/li>\n
• \u0158ada\u00a0iThemes<\/a>\u00a0produkt\u016f v\u010detn\u011b Builder a Exchange<\/li>\n
• Broken-Link-Checker<\/li>\n
• Ninja Forms<\/li>\n<\/ul>\n

  D\u00e1 se v\u0161ak p\u0159edpokl\u00e1dat, \u017ee v\u00fd\u010det nen\u00ed \u00fapln\u00fd a aktualizace budou p\u0159ib\u00fdvat i u dal\u0161\u00edch plugin\u016f.<\/p>\n

  Nev\u00e1hejte tedy s aktualizac\u00ed va\u0161ich plugin\u016f. Zdroj \u010dl\u00e1nku<\/a><\/p>\n

   <\/p>\n

  Nechcete se zdr\u017eovat s kontrolami aktualizac\u00ed plugin\u016f a sledov\u00e1n\u00edm bezpe\u010dnostn\u00edch upozorn\u011bn\u00ed? Objednete si pravidelnou kontrolu va\u0161eho webu.<\/strong><\/h2>\n

  <\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

  Na blogu Sucuri dnes vy\u0161lo upozorn\u011bn\u00ed na zranitelnost, kter\u00e1 zas\u00e1hne doslova miliony u\u017eivatel\u016f po cel\u00e9m sv\u011bt\u011b. \u010casto pou\u017e\u00edvan\u00e9 funkce add_query_arg a remove_query_arg je pot\u0159eba p\u0159ed jejich pou\u017eit\u00edm escapovat, proto\u017ee samy o sob\u011b escapov\u00e1n\u00ed neobsahuj\u00ed. \u0158ada v\u00fdvoj\u00e1\u0159\u016f v\u0161ak spol\u00e9h\u00e1 na Codex, kde toto nen\u00ed jasn\u011b uvedeno. Probl\u00e9m byl detekov\u00e1n t\u00fdmek kolem pluginu WordPress SEO by Yoast<\/p>\n","protected":false},"author":1,"featured_media":1775,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-2377","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bezpecnost-wordpressu"],"_links":{"self":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts\/2377"}],"collection":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/comments?post=2377"}],"version-history":[{"count":0,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/posts\/2377\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/media\/1775"}],"wp:attachment":[{"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/media?parent=2377"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/categories?post=2377"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/affinite.io\/cs\/wp-json\/wp\/v2\/tags?post=2377"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}