Login »

Michael Dale

«Previous Page Next Page» Home | Contact | Projects | Admin
Search Posts

Categories

Bluetrait
        Bluetrait
            Coding
            Geek
            General
            Coding
                PHP
                Bluetrait
                WordPress
                    Plugins
                PHP
                Bluetrait (Program)
            Geek
                Juniper
                Cisco
                IBM N2200 8363
                PCs
                Spam
                IPv6
                Apple
                NetScreen
                Internet
            General
                Uni

Click here if you are looking for Bluetrait, the weblog software.


Login

Username:

Password:

XSS Security Holes in WordPress

Posted by Michael Dale on Sat, 02 Oct 2004 9:46 PM

Security vulnerabilities have been found in WordPress that allows users to enter code into the site through certain urls (whose content is not checked).

Examples:
http://[victim]/wp-login.php?redirect_to=[code]
http://[victim]/wp-login.php?mode=bookmarklet&text=[code]
http://[victim]/wp-login.php?mode=bookmarklet&popupurl=[code]
http://[victim]/wp-login.php?mode=bookmarklet&popuptitle=[code]
http://[victim]/admin-header.php?redirect=1&redirect_url=%22;[code]//
http://[victim]/bookmarklet.php?popuptitle=[code]
http://[victim]/bookmarklet.php?popupurl=[code]]
http://[victim]/bookmarklet.php?content=[code]
http://[victim]/bookmarklet.php?post_title=[code]
http://[victim]/categories.php?action=edit&cat_ID=[code]
http://[victim]/edit.php?s=[code]
http://[victim]/edit-comments.php?s=[code]
http://[victim]/edit-comments.php?mode=[code]

XSS (cross-site scripting) holes are common in many php scripts and Wordpress isn't the only effected blogging tool. LiveJournal and Blogger are also vulnerable.

Athlough this is a somewhat large security issue wordpress users shouldn't be too worried, all scripts have bugs.

The Wordpress team are working on a 1.2.1 release to fix these issues. So look out for it.

Related links:
http://wordpress.org/support/4/13818
http://wordpress.org/support/7/13856
http://news.netcraft.com/archives/2004/09/30/security_holes_in_wordpress_blogging_tool.html
http://secunia.com/advisories/12683/


Permalink

WordPress

On Sat, 02 Oct 2004 at 11:20 PM, Stuart wrote:

Wieeerd. That's just absolutely scary. Still, it's not going to stop me from using WP but it does pose a bit of a security threat. *sigh*

1: Comment Link

On Sun, 03 Oct 2004 at 8:26 AM, Michael Dale wrote:

Oh I wouldn't stop using Wordpress over it. There are always going to be issues like that. phpBB has had them, although they were fixed before they were known to the general geek population. I'd say in the next week or so you should see a patch. And then Wordpress 1.3 should come out sometime after. I'm looking forward to that.

2: Comment Link

Comments?
Click for comments help.

HTML allowed: <a href="" title="" rel=""></a> <b></b> <blockquote cite=""></blockquote> <em></em> <i></i> <strike></strike> <strong></strong> <li></li> <ol></ol> <ul></ul>
ie: <b>bold</b>

Your comment may need to be reviewed before it is published.

Message

Name

Email (not shown)

WWW (optional)

Allow contact form email

Remember details

0.0748 Seconds Powered by Bluetrait 4.46 MB 9 Queries