Advisories

1

WordPress 2.6.2 Snoopy Vulnerability

Posted by DK
November 1, 2008

WordPress announced the following vulnerability in WordPress 2.6.2:

A vulnerability in the Snoopy library was announced today.  WordPress uses Snoopy to fetch the feeds shown in the Dashboard. Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately. 2.6.3 is available for download right now. If [...]

0

st_newsletter SQL Injection

Posted by Philipp
November 1, 2008

The st_newsletter Plugin is once again vulnerable to SQL Injection.

The hole is located within the page stnl_iframe.php, the parameter newsletter is missing correct sanitisation and so the plugin is prone to this attack. Currently we’re not aware about any fixes, users should disable the Plugin in the meantime, or should fix the problem their self. [...]

1

Multiple vulnerabilities in WP Comment Remix 1.4.3

Posted by Philipp
November 1, 2008

A number of vulnerabilities have been discovered in the WP Comment Remix 1.4.3 plugin.

The following is a short overview of the vulnerabilities discovered:

SQL Injection: caused by unsanitized variable “p” in the ajax_comments.php file.
Cross Site Scripting: This affects authenticated and unauthenticated users.
Cross Site Request Forgery: the form generated through wpcr_do_options_page lacks the WordPress wp_nonce security function.

These [...]

0

Wordpress-MU Cross Site Scripting Vulnerability

Posted by Philipp
October 2, 2008

Product: Wordpress-MU (multi-user)
Version: Versions prior to 2.6 are affected
Credits: Juan Galiana

Juan Galiana has published the advisory to Bugtraq this week which includes a proof of concept exploit.

Wordpress-MU is affected by a Cross Site Scripting vulnerability, an attacker can perform an XSS attack that allows him to access the
targeted user cookies to gain administrator privileges

In [...]

4

WordPress 2.6.1 Weak Entropy Vulnerability

Posted by DK
September 11, 2008

iso^kpsbr has discovered a vulnerability that may allow an external attacker to gain admin access to WordPress 2.6.1.

WordPress is prone to a weakness in the entropy of generated passwords. Successfully exploiting this issue may allow an attacker to guess randomly generated passwords. WordPress 2.6.1 is vulnerable; other versions may also be affected.

The original advisory and [...]

Previous Page
Next Page