Two security vulnerabilities afflict a WordPress plugin with 40,000 installs. One a privilege-escalation problem and the other a stored XSS bug. Attacks can allow attackers to gain root access and take over devices running same firmware. Updates 1.2.44 and 1.4.3 for the official open source reference library libpng have been released to close security holes. Read the full article in this article by The H Security Newsroom at http://t.co/Q8lpOqhc1n.
Source: https://threatpost.com/critical-holes-closed-png-image-library-062910/74159/