Critical WordPress Flaw Found
A critical WordPress vulnerability has been discovered by Alexander Concha.
The remote SQL injection vulnerability affects the latest versions of WordPress, including WordPress <= 2.2.2 and WordPress MU <= 1.2.4.
Alexander has also written a proof-of-concept exploit for the vulnerability. He has contacted WordPress regarding the hole. A patch cannot be released without disclosing too much information regarding the hole; however, we hope this post will motivate WordPress to release a fix earlier rather than later.
As a side note, Alex claims to have also found a number of other SQL injection and XSS issues. Nice work, Alex.
Comments
[WordPress] New SQL injection vulnerability discovered…
Alexander Concha has apparently found a new hole in the current version of WordPress (2.2.2).
A proof of concept also exists and WordPress has been informed, but there is no fix, or "manual" fix, yet, since this…
[...] type of calls and thanks to certain features of WordPress, it was possible to get the much-publicized exploit working for a vulnerability that affects almost all versions of this [...]
[...] Agreeable Openness August 24th, 2007 Well, again we’ve got folks claiming to have found a remote SQL injection in WordPress, one that affects all versions. At least the discoverer, Alexander Concha, did the right thing: notifying the WP folks. He’s [...]
[...] Blogsecurity reported on 22.08., a critical security vulnerability was discovered in WordPress that apparently affects all versions up to [...]
[...] and others raised. That is very good. Thanks, guys. And for the record, it was 16 days between notice and release. Very [...]
[...] WordPress.com, WordCamps in Beijing and Israel, Censorship in Turkey, and More WordPress News users. Mark Jaquith reports on some of the security issues covered by this update. Read More [...]
[...] But there is one detail about WordPress 2.2.3 that I find very interesting. Quote from sw-guide.de: As Blogsecurity reported on 22.08., a critical security
[...] users. Mark Jaquith reports on some of the security issues covered by this update. ALERT: Blog Security reports a security flaw has been uncovered and reported to WordPress. Expect a new security update to be released soon as [...]