[...] TechBuzz lists all WordPress versions that are in danger of this exploit, but the short story is unless you’re using 2.0.6 you’re not safe. And as far as I know that one hasn’t been released officially yet. It’s advised you patch the culprit file in the meantime. (Make sure to back those files up first!) * It’s so popular, in fact, that sneaky people are making money off of hinting at how you can use it to make your money. They obviously haven’t head of WP’s support community. [...]
Just wanted to add one more thing.I had a contact with Matt(Wordpress) on email , He confimred about the news.So its safe.You can get to read about the email on my blog.
[...] Tech Buzz lists the vulnerable versions (almost all versions prior to 2.06), and adds, A Cross-site scripting (XSS) vulnerability has been in found in wp-admin/template.php which could allow malicious web users to inject arbitary web scripts or HTML code through the file parameter. [...]
[...] Bekannt ist diese Lücke wohl schon seit dem 27. Dezember, wie man bei dem Entdecker (?) Operation n nachlesen kann. techbuzz listet alle betroffenen stabilen Wordpress-Versionen. [...]
Add to Google Reader, Bloglines, Netvibes
wrote, on January 3rd, 2007
Thanks boy! I just researched a bit and patched it up.
wrote, on January 3rd, 2007
[...] TechBuzz lists all WordPress versions that are in danger of this exploit, but the short story is unless you’re using 2.0.6 you’re not safe. And as far as I know that one hasn’t been released officially yet. It’s advised you patch the culprit file in the meantime. (Make sure to back those files up first!) * It’s so popular, in fact, that sneaky people are making money off of hinting at how you can use it to make your money. They obviously haven’t head of WP’s support community. [...]
wrote, on January 3rd, 2007
thanks for the update
wrote, on January 3rd, 2007
Thx for highlighting me.I had been notifying other bloggers about it.
wrote, on January 3rd, 2007
Just wanted to add one more thing.I had a contact with Matt(Wordpress) on email , He confimred about the news.So its safe.You can get to read about the email on my blog.
wrote, on January 4th, 2007
[...] Tech Buzz lists the vulnerable versions (almost all versions prior to 2.06), and adds, A Cross-site scripting (XSS) vulnerability has been in found in wp-admin/template.php which could allow malicious web users to inject arbitary web scripts or HTML code through the file parameter. [...]
wrote, on January 5th, 2007
[...] Bekannt ist diese Lücke wohl schon seit dem 27. Dezember, wie man bei dem Entdecker (?) Operation n nachlesen kann. techbuzz listet alle betroffenen stabilen Wordpress-Versionen. [...]
wrote, on January 11th, 2007
Thanks for the heads up on this potential problem.