the life of a web developer » xss http://gavtaylor.co.uk/blog Just another WordPress weblog Wed, 11 Aug 2010 10:20:12 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 XSS vulnerability in WordPress http://gavtaylor.co.uk/blog/xss-vulnerability-in-wordpress http://gavtaylor.co.uk/blog/xss-vulnerability-in-wordpress#comments Tue, 21 Jul 2009 08:02:46 +0000 Gavin http://gavtaylor.co.uk/blog/?p=186 just a quick note to anyone that uses wordpress on their website, developers have found a XSS vulnerability that could allow people to redirect you from your blog admin.
Comment author URLs were not being fully sanitized before they were displayed. This bug has been fixed in version 2.8.2 so best to upgrade as soon as possible…

blog post on wordpress.org

]]> http://gavtaylor.co.uk/blog/xss-vulnerability-in-wordpress/feed 0