Links
Categories

Bluetrait
        Bluetrait
                Bluetrait
                    Coding
                    Geek
                    General
                    Videos
                    Solar
                    Coding
                    Geek
                    General
                    Coding
                        PHP
                        Bluetrait
                        PHP
                        Bluetrait
                        WordPress
                            Plugins
                        PHP
                        Bluetrait (Program)
                    Geek
                        Juniper
                        Cisco
                        IBM N2200 8363
                        PCs
                        Spam
                        IPv6
                        Apple
                        NetScreen
                        Internet
                    General
                        Uni

Sat, 02 Oct 2004 9:46 PM

XSS Security Holes in WordPress

Michael Dale
Security vulnerabilities have been found in WordPress that allows users to enter code into the site through certain urls (whose content is not checked). Examples: http://[victim]/wp-login.php?redirect_to=[code] http://[victim]/wp-login.php?mode=bookmarklet&text=[code] http://[victim]/wp-login.php?mode=bookmarklet&popupurl=[code] http://[victim]/wp-login.php?mode=bookmarklet&popuptitle=[code] http://[victim]/admin-header.php?redirect=1&redirect_url=%22;[code]// http://[victim]/bookmarklet.php?popuptitle=[code] http://[victim]/bookmarklet.php?popupurl=[code]] http://[victim]/bookmarklet.php?content=[code] http://[victim]/bookmarklet.php?post_title=[code] http://[victim]/categories.php?action=edit&cat_ID=[code] http://[victim]/edit.php?s=[code] http://[victim]/edit-comments.php?s=[code] http://[victim]/edit-comments.php?mode=[code] XSS (cross-site scripting) holes are common in many php scripts and Wordpress isn't the only effected blogging tool. LiveJournal and Blogger are also vulnerable. Athlough this is a somewhat large security issue wordpress users shouldn't be too worried, all scripts have bugs. The Wordpress team are working on a 1.2.1 release to fix these issues. So look out for it. Related links: http://wordpress.org/support/4/13818 http://wordpress.org/support/7/13856 http://news.netcraft.com/archives/2004/09/30/security_holes_in_wordpress_blogging_tool.html http://secunia.com/advisories/12683/

WordPress

Permalink | Comments 2

Tue, 07 Sep 2004 9:23 PM

Wordpress now has a bit of dale in it.

Michael Dale
I'm one for gloating, so I thought I'd try and raise ye old ego a bit more (as you do ;)). Anyway as you may (or probably may not) know I hacked apart wordpress to leach some of its sending trackback function and found a very small bug. The bug being if you ran wordpress on a non standard port (i.e anything other than 80) then people would be unable to send a trackback to that site. Wordpress ignored the fact that someone may have enter a port number into the trackback url. Only a small bug. So I emailed the good matt ( http://www.photomatt.net ) about the problem and included a fix for it. Less than 24 hours later wordpress is patched and the latest nightly build includes this small fix. It's just cool that anyone can help add/fix things to open source software. So praise open source (and wordpress for being so). w00t /end ego boosting post ;) no I'll never like wordpress, shutup! :S

WordPress

Permalink | Comments 4

Sat, 03 Jul 2004 9:27 AM

Complete backend update

Michael Dale
I've done a complete update of the backend of my website today. Every piece of text you now see on this website is coming to you live from my database! ;) It's very cool. Something I've been wanting to do for a while. Currently I haven't rewritten an admin panel although it is in the works as we speak. Very cool. Also got some maths done today. hehe nice.

PHP

Permalink | Comments 0