WordPress is a very popular personal publishing platform aka blogging platform (with a primitive CMS) in use all over the web.在WordPress是非常受欢迎的个人发布平台又名博客平台(与一个原始的细胞质雄性不育)在使用所有网站。 There are a number of serious security vulnerabilities in WordPress that may allow an attacker to ultimately run arbitrary code on the vulnerable system.有一些严重的安全漏洞在WordPress可能允许攻击者最终上运行任意代码的脆弱系统。 Unfortunately the authors believe in security-by-obscurity.很可惜,作者认为,在安全由默默无闻。 Here are the details.以下是有关的细节。

The vulnerabilities include “SQL Injection”, “Cross Site Scripting”, “这些漏洞,包括“ SQL注入” , “跨站点脚本” , “ Remote Code Execution远程执行代码 “, “Forgotten Password Security Issues” and also issues that may aid an attacker in social engineering like “Full Path Disclosure”. “ , ”忘记你的密码安全问题“和问题,也可能援助,攻击者在社会工程”的完整路径披露“ 。 An updated version of一的更新版本 WordPress (version 1.5.1.3)在WordPress (版本1.5.1.3 ) is available (可( automatic patch upgrade from WordPress 1.5.1.2 to 1.5.1.3自动补丁升级的WordPress 1.5.1.2至1.5.1.3 ) and users are strongly advised to upgrade immediately. )和用户强烈建议立即升级。

To give an example:举一个例子:

Cross Site Scripting: 跨站点脚本:
There are a number of cross site scripting issues in the WordPress personal publishing platform.有一些跨站点脚本问题,在在WordPress的个人发布平台。

http://wordpress/wp-admin/post.php?action=confirmdeletecomment&p=1& http://wordpress/wp-admin/post.php?action=confirmdeletecomment&p=1 &
comment=22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3C/script%3E评论= 22 % 3e % 3cscript % 3ealert ( document.cookie ) % 3c/script % 3e % 3c/script % 3e

http://wordpress/wp-admin/post.php?action=confirmdeletecomment&p=1
22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3C/script%3E&comment=2 22 % 3e % 3cscript % 3ealert ( document.cookie ) % 3c/script % 3e % 3c/script % 3e &评论= 2

Even though these vulnerabilities are in the admin section I still consider them a higher risk than “normal” because if an attacker has an admin’s cookie data then he can forge a cookie, access the admin section, and execute arbitrary code by inserting malicious php into an existing plugin.即使这些弱点,在政府当局第但我仍然认为他们有较高的风险,比“正常” ,因为如果一个攻击者有一个政府当局的Cookie数据,然后他可以建立一个Cookie ,访问管理部分,并执行任意代码插入恶意PHP中到一个现有的插件。 Also, if you are thinking that the referrer check in wordpress prevents this particular vulnerability then you are mistaken.此外,如果你认为这引荐检查在WordPress防止此特定漏洞那么你是错误的。

Further details on the进一步详细介绍 vulnerabilities and exploit脆弱性和利用 .

The moral of the story is upgrade and do it now .故事的寓意是升级和现在就这样做