Comments on: Serious Wordpress Vulnerability/Exploit Verion 2.0.3 and Below

By: ÃÃŠÂ£Fâ€¡Ã‘Â§ » Blog Archive » Registrazioni disattivate

ÃÃŠÂ£Fâ€¡Ã‘Â§ » Blog Archive » Registrazioni disattivate — Sun, 20 Aug 2006 23:25:52 +0000

[...] A causa di una pericolosa falla in Wordpress sono costretto a dover disabilitare temporanbeamente 8in attesa di una fix per tale bug) le registrazioni. pertanto,non sarÃ piÃ¹ possibile registrarsi. Maggiori info sul bug QUI [...]

By: Wordpress 2.0.4 Released - Fixes Security Issues »

Wordpress 2.0.4 Released - Fixes Security Issues » — Mon, 31 Jul 2006 05:25:00 +0000

[...] Secure?- WebScarab - Web Application Analysis - New Version | 1 Views | no comments trackback this article comment on thisarticle [...]

By: Security Ripcord » Blog Archive » Site Taken Down For Wordpress Security Problem

Mon, 31 Jul 2006 01:41:10 +0000

[...] Some of you may have noticed that the site was down for a couple of days. This was because of an apparent flaw with Wordpress. While I was attending the ACUTA conference in San Diego I decided to catch up on the news. I am glad that I did because I noticed that Darknet had an entry about a newly discovered security vulnerability with all versions of Wordpress below 2.0.4 . Unfortunately his actual site was down and I was not able to read the full article. So I made a quick judgment call and decided to take the site down until I understood more about what was actually happening. [...]

By: The Code Cave

The Code Cave — Fri, 28 Jul 2006 04:35:37 +0000

[...] Thanks to some drastic and controversial actions taken by SpamKarma creator Dr. Dave, a large percentage of the blogging populace has been alerted to a security hole in WordPress. He even went to the effort of activating a warning message that was sent out to everyone who uses his SK2 plugin. This has resulted in a lot of fear spreading amoung a huge number of bloggers. This sort of thing just spreads exponentialy. Here’s a quasi random sampling of two dozen of the first posts on it: ………………….. And these were just from the English blogs that post about this on the same day as the notice going out. The neat thing is that these are some of the most on-top-of-things bloggers out there. Those 24 blogs have some great content and gread visual styles. The are well worth perusing… [...]

By: kritikus hiba a wordpress 2.0.3 Ã©s rÃ©gebbi verziÃ³iban - kobak pont org

kritikus hiba a wordpress 2.0.3 Ã©s rÃ©gebbi verziÃ³iban - kobak pont org — Thu, 27 Jul 2006 18:43:57 +0000

[...] forrÃ¡s: darknet, dr dave Ezekre klikk, ha menteni akarod a posztot. [...]

By: An Information Security Place » Blog Archive » Serious flaw in Wordpress 2.0.3 and below

Thu, 27 Jul 2006 13:48:47 +0000

[...] For my blogging friends out there using Wordpress, take serious note of this post from Darknet.Â Seems like all versions of Wordpress below 2.0.3 are vulnerable (2.0.4 should be coming out very soon) to a flaw in the Subscriber functionality.Â If you require people to register before they can comment, then you need to make sure you turn off the “anyone can register” option and delete any subscribers you do not not know personally or who have never posted or have not posted for a long time (personally, I don’t require people to subscribe to comment - you might consider either turning off comments or not requiring membership untiol 2.0.4 comes out). [...]

By: Navaho Gunleg » WordPress users: Disable ‘Anyone can register’!

Navaho Gunleg » WordPress users: Disable ‘Anyone can register’! — Thu, 27 Jul 2006 06:57:30 +0000

[...] Through Darknet I discovered that apparently a vulnerability has been found in WordPress that could allow evil people to do nasty stuff. Details remain vague though, but according to Dr Dave, one should disable the Anyone can register thingy in the Options of their weblog to prevent the vulnerability being exploited. [...]