Full Disclosure mailing list archives
Re: WordPress Persistent XSS
From: Deepan <codeshepherd () gmail com>
Date: Sat, 30 Dec 2006 20:41:42 +0800
On Wed, 2006-12-27 at 09:33 +0000, David Kierznowski wrote:
Vulnerability Title: WordPress Persistent XSS Author: David Kierznowski Homepage: http://michaeldaw.org Software Vendor: WordPress Persistent XSS Versions affected: Confirmed in v2.0.5 (latest) See homepage for more details. WordPress was contacted: 26/12/06 22:04 BST Reply received: 27/12/06 06:11 BST WordPress has fixed this for v2.0.6, see http://trac.wordpress.org/changeset/4665
Dont you need admin privileges to access the templates.php url ? I am overseeing anything ? -- ----------------------------------------------- Regards Deepan Chakravarthy N http://www.codeshepherd.com/ http://sudoku-solver.net/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- WordPress Persistent XSS David Kierznowski (Dec 27)
- Re: WordPress Persistent XSS Deepan (Dec 30)
- Re: WordPress Persistent XSS David Kierznowski (Dec 30)
- Re: WordPress Persistent XSS Deepan (Dec 30)