TUCoPS :: Web :: Blogs :: c07-2541.htm

Wordpress <= v2.1.0
Wordpress <= v2.1.0
Wordpress <= v2.1.0



If you're logged in into wordpress as an admin, your comments aren't properly sanitized, thus allowing an XSS to be posted. This can be exploited using XSRF techniques.

More info & PoC: http://www.virtuax.be/advisories/Advisory4-20022007.txt 

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH