WordPress.org

Ready to get started?Download WordPress

Forums

XSS attack - WP unsecure (3 posts)

  1. www.onlinecasinoselite.com
    Member
    Posted 8 years ago #

    there's a major leak in WP, making it possible to hack all WP 2.0.x blogs.

    http://www.securityfocus.com/archive/1/425043/30/0/threaded

    until the team fix it, you can only close ALL comments.

  2. skeltoac
    Member
    Posted 8 years ago #

    Short version: that advisory is bogus. Commenter URLs are stripped of all quotes and other invalid characters before storage and display.

    Long version: the scripting code the author demonstrates only works when the following are true:
    1. The visitor commented on the site in question with that code in his url, or had cookies planted in his browser to mimic the effect of leaving a comment with that code in the url.
    2. The visitor is not logged in to the site in question (logged-in visitors do not see the URL input box) and therefore does not have his credentials in his browser's cookies, so they cannot be stolen by any script in the comment form.

  3. skeltoac
    Member
    Posted 8 years ago #

    Here's a patch that eliminates any further annoyances caused by this effect:

    http://trac.wordpress.org/ticket/2454

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags