Sep 30 2007

Malicious code insertion in Wordpress

Published by Kim Haverblad at 1:14 under Security

icon_malicous.gifI finally got around to upgrade to the latest WordPress (version 2.3) and I think it was highly needed due to that I’ve received unwanted comments posted to the blog from unregistered user.

The vulnerabilities that have been reported in Wordpress lets malicious users to conduct script insertion attacks and to conduct SQL injection attacks. Checking the vulnerability it states that it’s been reported in Wordpress prior to 2.2.3 and Wordpress MU prior to 1.2.5a.

Either there is a new vulnerability available for Wordpress or similar vulnerability works as well with version 2.2.3. So if you haven’t upgraded yet, recommendation is to download the latest version as soon as possible.

Kim Haverblad

One Response to “Malicious code insertion in Wordpress”

  1. # Doohervierion 21 Oct 2008 at 4:21

    Hi,
    My Name is, Richard
    nice overall content
    my site:

    http://H5YpD6.spaces.live.com/

Trackback URI | Comments RSS

Leave a Reply