Security loophole: Wordpress template.php Exploit

Jan

4th

Security loophole: Wordpress template.php Exploit

Author: eches | Files under Security

I hope this post will serve as a warning to WordPress users regarding an exploit found in WordPress 2.0.5 and below which allows remote attackers to inject arbitrary web script or HTML via the file parameter and has been classified as a 7.0 (High) risk issue (Refer National Vulnerability Database).

This loophole is expected to be patched for Wordpress 2.0.6 and apparently, those who are using Wordpress 2.0.5 and below are exposed to the threat. It is advisable to patch the loophole by updating the template.php file in wp-admin. Please see the latest patch for patching purpose and make sure you back up your wordpress files before performing any updates.

You can get more details and updates of this threat from Operation n and
Technospot.net

Technorati Tags: security, wordpress loophole, exploit, patch

Related Posts

» Wordpress 2.0.6 upgrade
» Firefox password security hole
» Spoofing bug in IE7
» Wordpress 2.2.3: Update time

Related References

1 Trackback(s)

Jan 6, 2007: Eches Blog » Wordpress 2.0.6 upgrade

Categories
- Adsense (14)
- Apple (3)
- Blogging Tips (30)
- Computer (8)
- Earn Money Online (19)
- Firefox (27)
- Freeware (27)
- Funny (8)
- Gadget (5)
- Gmail (6)
- Google (17)
- Hacks (3)
- Hosting (6)
- Instant Messengers (6)
- Internet (60)
- Internet Explorer (3)
- iPhone (1)
- Microsoft (18)
- Miscellaneous (13)
- Mobile Phones (4)
- Movies (2)
- My 24/7 (15)
- Payment processors (1)
- Photoshop Tutorials (3)
- Productivity (9)
- Rapidshare (5)
- Review (9)
- Security (35)
- SEO challenge (8)
- SEO Tips (15)
- Speedy Links (10)
- Technology (10)
- Tips & Tricks (60)
- Torrent (3)
- Utilities (4)
- Vouchers (2)
- web 2.0 (5)
- Web Design (26)
- Windows 7 (5)
- Windows Vista (8)
- Windows XP (9)
- Wordpress Plugins (12)
- Wordpress Themes (15)
- Wordpress Tips (5)
- Wordpress Updates (26)
- X-Interesting (32)
- Yahoo (5)
- Youtube (7)
- YSM (3)
Recent Comments

Network

Europe One-Stop

SEO & Internet
- Search Engine Optimization - search engine optimization and advertising specialist.
- Blog - Thoughts.com is a blog community where people share their thoughts and debate issues
- Search Engine Optimization - Click Consult Provide Search Engine Optimization Services Worldwide
- Tattoo - We are a group of tattoo enthusiasts
- Research Papers - We are a team of professional writers, whose main goal is to provide you with excellent assistance in research paper writing.
- SEO Search Engine Ranking - Improve your SEO services. Premium Web content, intelligent links, quality optimization & competitive search engine placement. You deserve Better Rankings!
- Securely share business files - Nomadesk is a business file sharing / backup tool designed for digital nomads.

Peripherals & Misc
- canon ink
  See Internet Ink for Canon Ink Cartridges. Discounted Ink Cartridges, same day dispatch.
- MP3 Player Accessories
- Acer laptops
- Printers
- SEO

Eches - Blogging, technology, internet and earn money online

Security loophole: Wordpress template.php Exploit

1 Trackback(s)

Post a Comment

Categories

Recent Comments

Network

Europe One-Stop

SEO & Internet

Peripherals & Misc