WordPress HTML Injection Vulnerability

Wow .. i just got back .. and i read a very interesting news about the recent wordpress html injection vulnerability issue that is exists on several .. um .. almost all versions of wordpress below 2.0.6 (well i dont know anything about the 1.x series of wordpress because i never use it before)

Fortunately there is already a fix for this problem and you can do it by applying the latest patch from WordPress Trac into the templates.php file in your wp-admin directory

As as a note, if you want to see a proof of concept regarding this wordpress issue, you can go to David Kierznowski homepage and see it by yourself

And yet another note, WordPress 2.0.6 RC2 has been released (from the WP-Testers Mailing Lists) and this new release candidate already include a fix for this problem


Note: Comment may not appear right away.

9 comments on “WordPress HTML Injection Vulnerability

  1. Hi everyone, I have starting playing mafia games. I am finding this very addictive and wondering if anyone else has played these games. I have won over $200 over the past few rounds but I need more members to join my crew so we can win and share more money.


  2. 大変ですよね、就職活動






  3. Great post. Thanks for sharing!I also have an online printing website to recommend. Check out at my website.1450