Latest Exploit In Wordpress

January 3, 2007 | By Gobala Krishnan | Comments Off

A Cross-site scripting (XSS) vulnerability has been discovered in wp-admin/templates.php in WordPress which affect all version till 2.0.5.

Wordpress is prone to a HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input.

Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.

Versions prior to 2.0.6 are vulnerable to this issue.

source – Security Focus

According to LiewCF, The National Vulnerability Database has reported this as severity 7.0 (high).

I “strongly” encourage wordpress users to apply the Latest Patch ASAP!! Just download the necessary file and overwrite the existing.

RSS feed

Comments

No comments yet.

Sorry, the comment form is closed at this time.

  • Get Blogging Tips in Your Email

  • Join Our Facebook Fan Page

    BlogSell on Facebook

  • Recent Comments

  • Recent Posts

  • Categories

    • Copyright © Make Money Blogging · Log in