Author Archive
WordPress 2.6 Security Improvements?
WordPress 2.6 plans to have a number of security improvements. A number of XMLRPC features will be deactivated by default. I doubt they will remove functions such as pingbacks and trackbacks, however, it is something to keep an eye on.
So will this really help secure WordPress in the future?
WordPress have been becoming more security [...]
Nextgen gallery – XSS flaw
The Nextgen Gallery Plugin version <= 0.96 have been found vulnerable to a persistent Cross Site Scripting bug..
According to the advisory, the attacker does require authentication and access to the following URL:
http://[host]/[directory]/wp-admin/admin.php?page=nggallery-manage-gallery
As far as we know, no fix is currently available.
WordPress Upload File Plugin SQL Injection
A SQL Injection vulnerability has been reported in WordPress by the Balsec Team. The advisory is lacking alot of detail.
This post will be updated as new information is made available.
WordPress 2.3.3 Directory Traversal Vulnerability
Sandor Attila Gerendi found a vulnerability within WordPress 2.3.3, which under certain circumstances allows an attacker to run arbitrary PHP code on WordPress 2.3.3.
Input passed via the “cat” parameter to index.php is not properly sanitised in the “get_category_template()” function in wp-includes/theme.php before being used to include files in template-loader.php. This can be exploited to include [...]
WordPress 2.5.1 Malicious File Execution
CWH Underground have published an advisory regarding a malicious file execution vulnerability in WordPress 2.5.1.
We do not quite follow this advisory. The vulnerability discusses the idea of uploading a PHP backdoor onto a WordPress blog via the upload file facility, or via the plugin edit facility. I don’t think this is really a [...]
