[ALUG] Critical bug in Wordpress

Andreas Tauscher ta at geuka.net
Mon Apr 27 21:50:06 EAT 2015


A bug in the Wordpress comment system has been found. [1]
It is a Stored Cross-Site Scripting (Stored XSS).
An attacker can take over the admin account by simply leaving a comment!

It is a problem similar to a Stored XSS [2] found over a year ago and
fixed by Wordpress last week.
14 months for fixing this. And now again? WTF is this Wordpress security
team? All on vacation, sleeping, drunk?

Proven to be vulnerable are: Wordpress 4.2, 4.1.3, 4.1.2, 4.1.1 and 3.9.3

Until a patch is available:
Either disable the comment option completely or set WP to moderated and
check each comment manually. In the admin view the XSS filter is working
correctly and the injected code will not be executed.

Andreas

[1] http://klikki.fi/adv/wordpress2.html
[2] https://cedricvb.be/post/wordpress-stored-xss-vulnerability-4-1-2/
