Wordpress cross site scripting

Discuss the many weaknesses of browser security and ways to mitigate the threat

Wordpress cross site scripting

Post by Gilligan5150 on Tue Sep 18, 2012 1:27 am
([msg=69435]see Wordpress cross site scripting[/msg])

can someone help explain to me how to use this types of wordpress cross site scripting vulnerability
http://packetstormsecurity.org/files/113254

thank!!
Gilligan5150
New User
New User
 
Posts: 1
Joined: Tue Sep 18, 2012 1:22 am
Blog: View Blog (0)


Re: Wordpress cross site scripting

Post by tremor77 on Tue Sep 18, 2012 11:15 pm
([msg=69458]see Re: Wordpress cross site scripting[/msg])

Seeing as this latest Wordpress version is 3.4.2 and this is for 3.3.2 it's not likely that you'll find this exploit in a real world situation... especially as the ease of updating for wordpress is cake, for even the laziest and least tech savvy bloggers.

Addtionally a requirement of the exploit in part A) Login into an admin account. I wouldn't call any exploit that requires you to first have admin privs, an exploit at all, but merely a bug.
Image
User avatar
tremor77
Contributor
Contributor
 
Posts: 911
Joined: Wed Mar 31, 2010 12:00 pm
Location: New York
Blog: View Blog (0)



Return to Web

Who is online

Users browsing this forum: No registered users and 0 guests