Potentially Dangerous WordPress Vulnerability

Posted on January 5, 2007 by ray

Ashish Mohta of TechSpot has brought to my attention a potentially dangerous wordpress vulnerability that affects all users of wordpress versions below 2.0.6. A relatively minor coding error exists that could allow a malicious user to inject code into your wordpress loop apparently. More technical information is available on this post by David Kierznowski at Operation N. The fix looks to be pretty simple and an official patch is available from the wordpress trac site. Thanks, Ashish for ringing the alarm bell for us!

Be Sociable, Share!

Related posts:

  1. WordPress 2.0.5
  2. Tweaking the Web Site with WordPress
  3. WordPress Plugin to Format Code Samples
  4. WordPress 2.0.4 Upgrade Completed
  5. Redirecting a Blogger.com Blog to a WordPress Blog
This entry was posted in Uncategorized and tagged , . Bookmark the permalink.

2 Responses to Potentially Dangerous WordPress Vulnerability

  1. LearningNerd says:
    January 5, 2007 at 1:18 pm

    Thanks for the heads up! Otherwise I might never have heard about it. I just downloaded the patch. :)

    Reply
  2. ray says:
    January 5, 2007 at 5:18 pm

    No problem, Liz. Thanks to Ashish for spreading the word.

    Reply