Archive for November, 2007

ProBlogger what blog platform poll

ProBlogger released a new poll regarding the most used blog platforms. Darren also has a link to a similar poll he ran in 2006.
As BlogSec’s own research has shown before, WordPress appears to be the more popular choice for bloggers, hence our focus on this great blogging platform – it has its weaknesses, but it is [...]


Multiple WordPress Plugin Vulnerabilities

Mustlive continues with his Captcha vulnerability month and has submitted three new vulnerabilities which affect WordPress plugins.

Anti Spam Image CAPTCHA bypass.
Math Comment Spam Protection CAPTCHA bypass.
XSS in Math Comment Spam Protection.

Mustlive has also informed us that he plans to release some WordPress-specific vulnerabilities in [...]


Guest Blogger: Web Business blogs get hacked

Sherif Elsisi from tdot-blog.com Web Hosting is our guest blogger this week. He shares his experiences and frustrations of how his WordPress blogs were hacked and how he dealt with it. Great read.

I manage a small web hosting business. Lately I had multiple attackers on my customer sites specifically targeting WordPress sites. I was [...]


WordPress Cookie Authentication Vulnerability

Steven J. Murdoch has released an advisory regarding weaknesses in the way WordPress generates cookies (without salt). The issue affects WordPress 1.5 to 2.3.1 (including the current version, as of 2007-11-19).
This is an issue I have looked into before because I have felt there are more vulnerabilities to be found in this area for WordPress as [...]


Marco Ramilli joins BlogSec Team

We are pleased to announce a new BlogSec member, the talented Mr Marco Ramilli :)
He will be working with Gareth Heyes on the Spambam project… some exciting stuff to come! Welcome aboard champ.