XSS attack - WP unsecure (3 posts)

  1. onlinecasinoselite.org
    Posted 10 years ago #

    there's a major leak in WP, making it possible to hack all WP 2.0.x blogs.


    until the team fix it, you can only close ALL comments.

  2. skeltoac
    Posted 10 years ago #

    Short version: that advisory is bogus. Commenter URLs are stripped of all quotes and other invalid characters before storage and display.

    Long version: the scripting code the author demonstrates only works when the following are true:
    1. The visitor commented on the site in question with that code in his url, or had cookies planted in his browser to mimic the effect of leaving a comment with that code in the url.
    2. The visitor is not logged in to the site in question (logged-in visitors do not see the URL input box) and therefore does not have his credentials in his browser's cookies, so they cannot be stolen by any script in the comment form.

  3. skeltoac
    Posted 10 years ago #

    Here's a patch that eliminates any further annoyances caused by this effect:


Topic Closed

This topic has been closed to new replies.

About this Topic