Discovery of a defect in one of the components of the platform, "WordPress"

Today the discovery of a security flaw in the default settings for one of the most plug-ins "Plug-ins" common in the blogging platform "WordPress", make blogs hosted by the platform vulnerable to data theft.The researcher said Jason Donnfeld, who discovered the flaw, he found fault in the plug which is known as "W3 Total Cache", which is a plug-in function is to keep a copy hidden or aspiring to "Cache" for blog content to speed up access to in cases of repeated requests.According to Donnfeld, and since the data Blog stored in a manner similar, and in the form of models are searchable, it is possible, through this imbalance, extracting sensitive information flagged traffic or Cached from the database, and that may exist in the directory content your blog if enacted .The site said Seclist.org, that it will not be difficult to see evidence that has not been activated.And according Donnfeld, that all copies of the platform "WordPress" existing is vulnerable to this flaw, but stressed that the founder of the plug "W3TC" intends to work to resolve this problem as soon as possible. On the other hand, urged Donnfeld users of this plug-in disables that bugs are fixed suffered.Noteworthy that the platform "WordPress" is considered one of the most popular blogging platforms, both at the level of personal or corporate use.