Main Website RSS FeedCurrent Article

Wordpress HTML Injection Vulnerability

By Reaper-X on Jan 1, 2007 in Computer Security, Freeware, Network and Security, Open Source, PHP, Software, Wordpress

Wow .. i just got back .. and i read a very interesting news about the recent wordpress html injection vulnerability issue that is exists on several .. um .. almost all versions of wordpress below 2.0.6 (well i dont know anything about the 1.x series of wordpress because i never use it before)

Fortunately there is already a fix for this problem and you can do it by applying the latest patch from Wordpress Trac into the templates.php file in your wp-admin directory

As as a note, if you want to see a proof of concept regarding this wordpress issue, you can go to David Kierznowski homepage and see it by yourself

And yet another note, Wordpress 2.0.6 RC2 has been released (from the WP-Testers Mailing Lists) and this new release candidate already include a fix for this problem

RSS Feed for This Post7 Comment(s)

  1. 1
    jameswillisisthebest | Sep 9, 2007 at 3:47 / 3:47 AM | Links to this comments | Reply

    This is my first post
    just saying HI

  2. 2
    WinAntiSpyware | Sep 12, 2008 at 21:35 / 9:35 PM | Links to this comments | Reply

    Your current antivirus solution is not protecting you
    against Spyware and Adware. Get real protection!
    http://www.go4soft.net

  3. 3
    proczuha | Oct 18, 2008 at 15:03 / 3:03 PM | Links to this comments | Reply

    i agreed with author. thanksq

  4. 4
    Great Printing Site | Dec 28, 2008 at 4:16 / 4:16 AM | Links to this comments | Reply

    Great post. Thanks for sharing!I also have an online printing website to recommend. Check out at my website.1450

  5. 5
    icejobjob | Feb 7, 2009 at 20:51 / 8:51 PM | Links to this comments | Reply

    大変ですよね、就職活動

    就職氷河期、それも超就職氷河期{と言われる時代に突入しようとしています。

    この、就職氷河期は並大抵の努力では乗り切ることが困難と言われています。

    {米国、アメリカのサブプライムを皮切りに引き起こされた|世界同時不況とも言われている}今回の不況、それこそ数年間にわたって、世界経済に{影響を与えます。|インパクトを与え続けるでしょう。}

    この時期の、今のあなたが直面している就職活動というイベントは、あなたの人生、就職人生の大きなウエイトを占めることとなります。

    {昨年までの就職活動状況とは180度転換した|就職活動は、技術と知識で乗り切ることが出来ます。}就職氷河期、絶対に後悔しないように全力で戦いましょう。

  6. 6
    sjilkbe dtjeaf | Mar 20, 2009 at 0:19 / 12:19 AM | Links to this comments | Reply

    erziw vynrtsqx xdplbut xujtev kvzfhpq ijowyeht iqkx

  7. 7
    reraCackource | Apr 12, 2009 at 13:54 / 1:54 PM | Links to this comments | Reply

    Hi everyone, I have starting playing mafia games. I am finding this very addictive and wondering if anyone else has played these games. I have won over $200 over the past few rounds but I need more members to join my crew so we can win and share more money.

    gangland

2 Trackback(s)

  1. From bunnie’s blog » Blog Archive » pwned | Jan 11, 2007
  2. From bunnie’s blog » Blog Archive » pwned | Jan 11, 2007

RSS Feed for This PostPost a Comment

Line and paragraph breaks automatic, e-mail address never displayed, avoid using spammy words or phrases to prevent your comment from going into the oblivion, HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Previous Post
Next Post