Alerts

WordPress Adsense Deluxe Vulnerability

David Kierznowski of Operation n has discovered some serious flaws in the WordPress Adsense Deluxe plugin as part of the WordPress Angel Project. The vulnerability(s) affect all versions.

This vulnerability reminds me of the old Hacker movies, where a worm is released that steals random pennies from unsuspecting victims. This vulnerability is the closest I [...]


WordPress Akismet Fixed

This is a quick alert to let everyone know that a new version of Akismet has been released to address the recent security vulnerability. As usual, I was very impressed with the speed and accuracy of WordPress in addressing this issue, in particular Ryan Boren and Matt Mullenweg.
For details on downloading the latest WordPress Akismet [...]


WordPress 2.1.3 Akismet Vulnerability

Updates:
14/05/07 Added link to new version

David Kierznowski of Operation n has discovered a serious flaw in the Akismet anti-spam plugin that comes by default with the latest version of WordPress (2.1.3).
It has not been confirmed as yet, but I believe this will affect all versions of the plugin. The vendor has been notified, and more [...]


modsecurity hack

Stefan Esser has been credited with discovering a serious vulnerability in the popular open source web application firewall software, modsecurity.

When mod_security receives a request it parses it into web application parameters in a way it believes is correct. Because the way it parses the incoming data follows the rules defined in RFCs and not [...]


WordPress 2.0.7 Released

Intro

A serious security vulnerability has been found in WordPress <=2.0.6. This can’t be good for them as they just released 2.0.6 “11 days ago”.

Proof of Concept

http://milw0rm.com/exploits/3109

Solution

Get the latest version here.
The quicker fix here.