Advisories
WordPress.com Blogs Vulnerable
WordPress.com (2.3.2) is vulnerable to two Cross-Site Scripting vulnerabilities. It is important to note that these only affect WordPress.com blogs.
Proof of concept exploits have been released and there is a danger that an XSS worm could use this type of vulnerability to compromise thousands of WordPress.com blogs. (See the developer versus hosted blogs debate.)
Doz from hackerscenter.com [...]
wp-people, Simple Forum, WP Photo Album, Search Unleashed, Sniplets
Once again a number of critical issues have been discovered in a variety of WordPress plugins. If you are using one of these plugins, we suggest disabling the plugin until a fix has been produced by the plugin developer. Info as follows:
WP People <=1.6 is vulnerable to SQL Injection. The person parameter is not correctly [...]
Ferruh WordPress CSRF Vulnerability
Ferruh sent BlogSec an email this morning about a new attack vector for WordPress, using CSRF (Cross Site Request Forgery).
We have not yet had time to investigate the issue further, but it looks interesting. The basic concept revolves around the fact that WordPress is user friendly and asks the user for confirmation before submitting a [...]
WordPress MU 1.3.3 Security release
Donncha has announced the new release of WordPress MU (1.3.3). This release fixes the same flaw in XML-RPC as the WordPress core release.
We recommend you update your WP-MU to the latest version or at least upgrade your xmlrpc.php file.
dmsguestbook, st_newsletter, Wordspew, wp-footnotes vulnerabilities [Update2]
Within the last few days a number of remote SQL Injection vulnerabilities within a variety of plugins have been released. This new wave of searching for this type of vulnerability follows David Kierznowski’s recent finding in the popular WP TextLinkAds plugin.
dmsguestbook 1.7.0 is vulnerable to multiple vulnerabilities. At first it’s possible to deface your wp-config.php, an attacker [...]