Potentially Dangerous WordPress Vulnerability
2 Comments Published January 5th, 2007 in security, wordpressAshish Mohta of TechSpot has brought to my attention a potentially dangerous wordpress vulnerability that affects all users of wordpress versions below 2.0.6. A relatively minor coding error exists that could allow a malicious user to inject code into your wordpress loop apparently. More technical information is available on this post by David Kierznowski at Operation N. The fix looks to be pretty simple and an official patch is available from the wordpress trac site. Thanks, Ashish for ringing the alarm bell for us!


Thanks for the heads up! Otherwise I might never have heard about it. I just downloaded the patch.
No problem, Liz. Thanks to Ashish for spreading the word.