WordPress HTML Injection Vulnerability

Wow .. i just got back .. and i read a very interesting news about the recent wordpress html injection vulnerability issue that is exists on several .. um .. almost all versions of wordpress below 2.0.6 (well i dont know anything about the 1.x series of wordpress because i never use it before)

Fortunately there is already a fix for this problem and you can do it by applying the latest patch from WordPress Trac into the templates.php file in your wp-admin directory

As as a note, if you want to see a proof of concept regarding this wordpress issue, you can go to David Kierznowski homepage and see it by yourself

And yet another note, WordPress 2.0.6 RC2 has been released (from the WP-Testers Mailing Lists) and this new release candidate already include a fix for this problem

Comment?

Note: Comment may not appear right away.

9 comments on “WordPress HTML Injection Vulnerability

  1. Hi everyone, I have starting playing mafia games. I am finding this very addictive and wondering if anyone else has played these games. I have won over $200 over the past few rounds but I need more members to join my crew so we can win and share more money.

    gangland

  2. 大変ですよね、就職活動

    就職氷河期、それも超就職氷河期{と言われる時代に突入しようとしています。

    この、就職氷河期は並大抵の努力では乗り切ることが困難と言われています。

    {米国、アメリカのサブプライムを皮切りに引き起こされた|世界同時不況とも言われている}今回の不況、それこそ数年間にわたって、世界経済に{影響を与えます。|インパクトを与え続けるでしょう。}

    この時期の、今のあなたが直面している就職活動というイベントは、あなたの人生、就職人生の大きなウエイトを占めることとなります。

    {昨年までの就職活動状況とは180度転換した|就職活動は、技術と知識で乗り切ることが出来ます。}就職氷河期、絶対に後悔しないように全力で戦いましょう。

  3. Great post. Thanks for sharing!I also have an online printing website to recommend. Check out at my website.1450