[FD] WordPress 4.2 stored XSS

2015-04-26 Thread Jouko Pynnonen
*Overview* Current versions of WordPress are vulnerable to a stored XSS. An unauthenticated attacker can inject JavaScript in WordPress comments. The script is triggered when the comment is viewed. If triggered by a logged-in administrator, under default settings the attacker can leverage the vuln

[FD] Google Analytics by Yoast stored XSS #2

2015-04-21 Thread Jouko Pynnonen
rth any reward at all. An up-to-date version (including a YouTube demo) of this document can be found at http://klikki.fi/adv/yoast_analytics2.html . -- Jouko Pynnonen Klikki Oy - http://klikki.fi - @klikkioy ___ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/

[FD] Safari iOS/OS X/Windows cookie access vulnerability

2015-04-13 Thread Jouko Pynnonen
ld prevent access to all FTP URLs. *Credits* The vulnerability was found and researched by Jouko Pynnönen of Klikki Oy, Finland. -- Jouko Pynnonen Klikki Oy - http://klikki.fi - @klikkioy

[FD] Google Analytics by Yoast stored XSS

2015-03-19 Thread Jouko Pynnonen
*Overview* Google Analytics by Yoast is a WordPress plug-in for monitoring website traffic. With approximately seven million downloads it’s one of the most popular WordPress plug-ins. A security vulnerability in the plug-in allows an unauthenticated attacker to store arbitrary HTML, including Jav

Re: [FD] WPML WordPress plug-in SQL injection etc.

2015-03-16 Thread Jouko Pynnonen
One more vulnerability reported on March 02 and fixed in version 3.1.9: *4. Unauthenticated administrative functions* An unauthenticated attacker may under certain conditions bypass WPML's nonce check and perform administrative functions. The administrative ajax functions are protected with non

[FD] WPML WordPress plug-in SQL injection etc.

2015-03-12 Thread Jouko Pynnonen
n the case of WordPress, XSS triggered by an administrator can lead to server-side compromise via the plugin and theme editors. *CREDITS* The vulnerabilities were found by Jouko Pynnonen of Klikki Oy while researching WordPress plugins falling in the scope of the Facebook bug bounty program. T

[FD] WordPress 3 persistent script injection

2014-11-20 Thread Jouko Pynnonen
OVERVIEW A security flaw in WordPress 3 allows injection of JavaScript into certain text fields. In particular, the problem affects comment boxes on WordPress posts and pages. These don't require authentication by default. The JavaScript injected into a comment is executed when the targe