Currently viewing and reading

Wordpress 2.3.3 Security release

Posted by mann3r in February 5th 2008  

Wordpress 2.3.3 security release is out to public addressing issues and minor fixes. A vulnerability that will allow users to edit post of any other users of a wordpress blog. According to Wordpress Development Blog.

A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs.

They also mentioned about a vulnerabity on WP-Forum plugin.

Input passed to the “user” parameter in the WordPress installation’s index.php script (when “forumaction” is set to “showprofile” and “page_id” to a page with the “” tag) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Be sure to patch your wordpress blogs and checked your plug-in installed on you blog regularly. Be safe than sorry.

Get updates via Email

under: General

Related Post

No Comment Received

Leave A Reply

Please Note: Comments maybe under moderation after you submit your comments so there is no need to resubmit your comment again

« Will Microsoft go for $50 Billion?
Paypal Philippines successful Bank Withdrawal »

Feeds

feeds
get latest updates on news and subscribe to our feed


Translate This Page

More About The Site

Search Engine Optimization Blog a personal opinion on SEO, website tips and some search engine news and philosophy.

Subscribes

  • stumble
  • technorati add myyahoo

Advertisment

1 1 1 1 1 1

Want to put your ad here, contact us

Search

Categories

Links

Archives

Pages

Meta