Bugtraq: Re: Wordpress <= v2.1.0

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Wordpress <= v2.1.0

From: "vvitkov () intergenia de" <vvitkov () intergenia de>
Date: Tue, 06 Mar 2007 10:29:12 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

take a look at http://codex.wordpress.org/Roles_and_Capabilities

By design the administrator can post anything ... even js/html

ciri () virtuax be wrote:

If you're logged in into wordpress as an admin, your comments aren't properly sanitized, thus allowing an XSS to be 
posted. This can be exploited using XSRF techniques.

More info & PoC: http://www.virtuax.be/advisories/Advisory4-20022007.txt


- --
Regards
Vladimir Vitkov
Operations Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF7SZYoiOVExCFVC0RAgMfAKC62x+mbjzHlhTEQn3QZg9IIyJokgCgmf9w
G2DDt/YPlrn22KDNzWGbJx4=
=UJPB
-----END PGP SIGNATURE-----

By Date By Thread

Current thread:

Wordpress <= v2.1.0 ciri (Mar 05)
- RE: Wordpress <= v2.1.0 McCarty, Eric C. (Mar 05)
- Re: Wordpress <= v2.1.0 vvitkov () intergenia de (Mar 06)
- <Possible follow-ups>
- Re: Re: Wordpress <= v2.1.0 ciri (Mar 07)