Post Tagged with: "wordpress"

  • WordPress 3.3.1 Multiple CSRF Vulnerabilities

    WordPress 3.3.1 Multiple CSRF Vulnerabilities

    Bugs and Exploits May 7, 2012 05:23 4 comments

      WordPress 3.3.1 suffers from multiple CSRF vulnerabilities which allow an attacker to change post title, add administrators/users, delete administrators/users, approve and unapprove comment, delete comment, change background image, insert custom header image, change site title, change administrator’s email, change WordPress Address, change Site Address, when an authenticated user/admin  browses [...]

     
  • Multiple Vulnerabilites in WordPress 3.3.1 or earlier

    Multiple Vulnerabilites in WordPress 3.3.1 or earlier

    WordPress January 25, 2012 19:37 1 comment

    Trustwave’s SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress (http://wordpress.org/) Product: WordPress Version affected: 3.3.1 and prior Product description: WordPress is a free and open source blogging tool and publishing platform powered by PHP and MySQL. Credit: Jonathan Claudius of Trustwave SpiderLabs Finding [...]