
WordPress <= 2.1.1 Admin Panel XSS Vulnerability

I found this on the SecurityFocus site yesterday: a cross-site scripting (XSS) problem in WordPress 2.1.1, published as a 0day. The exploit works on version 2.1.1 (I have already tested it on my local server). Link (SecFocus) / Link 2 (Secunia). Here is what the advisory says:

Samenspender has discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "post" parameter in wp-admin/post.php (when "action" is set to "delete") is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Successful exploitation requires that the target user is logged in as administrator.

The vulnerability is confirmed in version 2.1.1. Other versions may also be affected.
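The bug class the advisory describes, as an added illustration (this is not WordPress's own post.php, whose exact code path the advisory does not quote): the "post" parameter is read as a raw string and reflected into an error page, and the fix is to validate it as an integer before use and encode anything that is reflected. The function names, the stand-in post_exists() lookup and the sample request are assumptions made for this example.

```php
<?php
// Added example of the reflected-XSS pattern behind the advisory and its fix.
// Not WordPress code: the function names and the post_exists() stand-in are
// assumptions for illustration. Sample request (constructed):
//   wp-admin/post.php?action=delete&post=<script>alert(1)</script>

// Stand-in for the database lookup (constructed: posts 1, 2 and 3 exist).
function post_exists($id): bool
{
    return in_array((int) $id, [1, 2, 3], true);
}

// Vulnerable pattern: the id is never validated, and the raw value is
// echoed back inside the HTML error message.
function delete_post_vulnerable(array $get): string
{
    $post = $get['post'] ?? '';
    if (!post_exists($post)) {
        // Attacker-controlled text lands unescaped in the admin's browser.
        return "<p>Error: could not delete post $post</p>";
    }
    return "<p>Deleted post $post</p>";
}

// Hardened pattern: accept only a positive integer, reject everything else
// without reflecting it, and encode the value even after validation.
function delete_post_hardened(array $get): string
{
    $post = filter_var(
        $get['post'] ?? '',
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($post === false) {
        // Fixed message: the untrusted input never reaches the response.
        return '<p>Error: invalid post id</p>';
    }
    if (!post_exists($post)) {
        // $post is an int now; encoding it anyway keeps the habit uniform.
        $safe = htmlspecialchars((string) $post, ENT_QUOTES, 'UTF-8');
        return "<p>Error: could not delete post $safe</p>";
    }
    return '<p>Deleted post ' . (int) $post . '</p>';
}

$attack = ['post' => '<script>alert(1)</script>'];
echo delete_post_vulnerable($attack), "\n"; // the script tag is sent to the browser
echo delete_post_hardened($attack), "\n";   // "<p>Error: invalid post id</p>"

$normal = ['post' => '2'];
echo delete_post_hardened($normal), "\n";   // "<p>Deleted post 2</p>"
```

The second function also closes the door on other oddities a string id allows (leading whitespace, signs, hex-looking values), because FILTER_VALIDATE_INT with min_range=1 returns false for anything that is not a plain positive integer.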

Today I read about another possible script-injection attack on the WordPress <= 2.1.1 blogging platform, discovered by Stefan Friedli – Link

The only mitigation I have found so far is to protect the WordPress admin directory (wp-admin) with .htaccess, or to filter the offending requests with mod_security if it is installed on your web server. Treat this as damage reduction rather than a fix: a reflected XSS runs in the logged-in administrator's own browser, so an admin who is on an allowed address (and whose browser re-sends cached Basic-auth credentials) can still be caught by a crafted link. Access restriction keeps untrusted users and scanners away from wp-admin, and a mod_security rule can drop the malicious parameter itself, until a patched WordPress release is installed.
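Below is an added example of the two controls just mentioned, not the original post's configuration: an .htaccess that puts HTTP Basic auth and a source-address allowlist in front of wp-admin, and a mod_security 2.x rule that rejects any request to wp-admin/post.php whose "post" argument is not a plain positive integer. The file paths, the address 203.0.113.10, the rule id and the realm name are placeholders to adjust for your server.

```apache
# Added example, not from the original post. Paths, the address and the
# rule id are placeholders.
#
# ---- wp-admin/.htaccess (Apache 2.2 syntax, as used at the time) ----
# AllowOverride must permit AuthConfig and Limit for this to take effect.

# 1. HTTP Basic auth in front of the whole admin directory.
#    Create the password file with:
#    htpasswd -c /etc/apache2/wp-admin.htpasswd yourname
AuthType Basic
AuthName "WordPress admin"
AuthUserFile /etc/apache2/wp-admin.htpasswd
Require valid-user

# 2. Only trusted source addresses may reach the directory at all.
Order deny,allow
Deny from all
Allow from 203.0.113.10

# 3. Both controls must pass. "Satisfy all" is the default; it is stated
#    explicitly so a later "Satisfy any" cannot silently weaken it.
Satisfy all

# ---- mod_security 2.x rule, in the server configuration (not .htaccess) ----
# The delete action only ever needs a numeric id, so anything else in the
# "post" argument of wp-admin/post.php is dropped before WordPress sees it.
SecRule REQUEST_FILENAME "wp-admin/post\.php$" \
    "id:1000001,phase:2,deny,status:403,log,msg:'Non-numeric post id in wp-admin/post.php',chain"
    SecRule ARGS:post "!^[0-9]+$"
```

Check the allowlist from an outside address after deploying it (you should get 403 from the .htaccess rules before any login prompt), and test the mod_security rule with a harmless non-numeric value such as post=abc so the 403 is visible in the audit log. Remember the caveat above: the .htaccess controls keep outsiders off wp-admin, but it is the mod_security rule that actually stops the payload for an admin who is already on an allowed address.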

3 Comment(s)

  1. Jenny Admin | Mar 4, 2007 at 23:32

    Ooooh nice, I'm glad I stumbled on your article.. I'm currently using mod_security and changed my .htaccess to 444 per: Force Apache to output any HTTP Status Code with ErrorDocument

  2. Reaper-X | Mar 5, 2007 at 8:14

    Wow... thanks for visiting (as a side note, I'm one of your feed subscribers too)... hahaha

  3. solixes | Nov 26, 2007 at 18:02

    ?
