Author Archive

0

BlogSecurity Upgrade and Move

Posted by DK
December 8, 2009

Hey guys, we had loads of emails recently regarding wp-scanner just not working. Unfortunately, our old hosting company performed an upgrade which broke our DNS and configurations. To add insult to injury we were also in the process of moving to a new server at a new provider so things have been an utter a [...]

0

WordPress 2.8.3 Fixes Security Holes

Posted by DK
August 4, 2009

If you haven’t already done so, we’d stongly recommend upgrading to WordPress 2.8.3. Also, the WordPress 2.0.x branches are now deprecated (a bit earlier then expected) and will therefore no longer be maintained. [Link]
Unfortunately, I missed some places when fixing the privilege escalation issues for 2.8.1. Luckily, the entire WordPress community has our backs. [...]

0

Acunetix Advanced Web Vulnerability Scanner Review

Posted by DK
August 19, 2008

As some of you may know, our wp-scanner project looks for common WordPress XSS issues but what about testing more advanced web sites and/or CMS (content management systems)?

Acunetix is one of the leading commercial web applicaton vulnerability scanners on the market. The reason I mention it (other then the fact that they are one of [...]

5

Wordpress 2.5 Cookie Integrity Protection Vulnerability

Posted by DK
April 27, 2008

Steven J. Murdoch has discovered a vulnerability in WordPress 2.5 that may allow a registered user to gain admin level access on the blog. Only WP 2.5 blogs that permit users to register user accounts are vulnerable.

According to Steven:

This vulnerability exists because it is possible to modify
authentication cookies without invalidating the cryptographic
integrity [...]

6

Democracy 2.0.1 HTML Injection Vulnerability

Posted by DK
January 16, 2008

Intro
Democracy is a popular AJAX driven voting plugin for WordPress.
BlogSecurity found a vulnerability in the latest version of Democracy (2.0.1) that may allow attackers to hijack your admin/user accounts as well as a vast number of other attack vectors.
Proof of concept (test your blog):

http://wordpress.dom/blah’style=xss:expression(alert(document.cookie)); (Tested on IE7)
OR
http://wordpress.dom/blah’onMouseOver=javascript:alert(document.cookie);// (Testing on Firebox & IE)

This proof of concept [...]

Next Page