Wordpress HTML Injection Vulnerability

Wow .. i just got back .. and i read a very interesting news about the recent wordpress html injection vulnerability issue that is exists on several .. um .. almost all versions of wordpress below 2.0.6 (well i dont know anything about the 1.x series of wordpress because i never use it before)

Fortunately there is already a fix for this problem and you can do it by applying the latest patch from Wordpress Trac into the templates.php file in your wp-admin directory

As as a note, if you want to see a proof of concept regarding this wordpress issue, you can go to David Kierznowski homepage and see it by yourself

And yet another note, Wordpress 2.0.6 RC2 has been released (from the WP-Testers Mailing Lists) and this new release candidate already include a fix for this problem

Tags: hack PHP Wordpress wow

Leave a comment

Comments

  1. reraCackource gangster.gangland.org/ Apr 12, 2009 at 1:54 PM

    Hi everyone, I have starting playing mafia games. I am finding this very addictive and wondering if anyone else has played these games. I have won over $200 over the past few rounds but I need more members to join my crew so we can win and share more money.

    gangland

    Link to this comment Reply to this comment

  2. sjilkbe dtjeaf dsqfxwji.wsenpukov.com Mar 20, 2009 at 12:19 AM

    erziw vynrtsqx xdplbut xujtev kvzfhpq ijowyeht iqkx

    Link to this comment Reply to this comment

  3. icejobjob pwblog.com/user/xru01/syusyoku/ Feb 7, 2009 at 8:51 PM

    大変ですよね、就職活動

    就職氷河期、それも超就職氷河期{と言われる時代に突入しようとしています。

    この、就職氷河期は並大抵の努力では乗り切ることが困難と言われています。

    {米国、アメリカのサブプライムを皮切りに引き起こされた|世界同時不況とも言われている}今回の不況、それこそ数年間にわたって、世界経済に{影響を与えます。|インパクトを与え続けるでしょう。}

    この時期の、今のあなたが直面している就職活動というイベントは、あなたの人生、就職人生の大きなウエイトを占めることとなります。

    {昨年までの就職活動状況とは180度転換した|就職活動は、技術と知識で乗り切ることが出来ます。}就職氷河期、絶対に後悔しないように全力で戦いましょう。

    Link to this comment Reply to this comment

  4. Great Printing Site tinyurl.com/96cwpc Dec 28, 2008 at 4:16 AM

    Great post. Thanks for sharing!I also have an online printing website to recommend. Check out at my website.1450

    Link to this comment Reply to this comment

  5. proczuha virtualatdp.berkeley.edu:8081/apbiology/Forum/59 Oct 18, 2008 at 3:03 PM

    i agreed with author. thanksq

    Link to this comment Reply to this comment

  6. WinAntiSpyware go4soft.net Sep 12, 2008 at 9:35 PM

    Your current antivirus solution is not protecting you
    against Spyware and Adware. Get real protection!
    http://www.go4soft.net

    Link to this comment Reply to this comment

  7. jameswillisisthebest Sep 9, 2007 at 3:47 AM

    This is my first post
    just saying HI

    Link to this comment Reply to this comment

Trackbacks/Pingbacks

  1. bunnie’s blog » Blog Archive » pwned
  2. bunnie’s blog » Blog Archive » pwned

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Recent Posts

Recent How to

Other Posts

Connect with me

Reaper-X on Google+ Reaper-X on Last.FM Reaper-X on MyAnimeList