Serious Security Vulnerabilities of WordPress 1.5.1.2 and below
WordPress is a very popular personal publishing platform, aka blogging platform (with a primitive CMS), in use all over the web. There are a number of serious security vulnerabilities in WordPress that may allow an attacker to ultimately run arbitrary code on the vulnerable system. Unfortunately the authors believe in security-by-obscurity. Here are the details.
The vulnerabilities include “SQL Injection”, “Cross Site Scripting”, “Remote Code Execution”, “Forgotten Password Security Issues” and also issues that may aid an attacker in social engineering like “Full Path Disclosure”. An updated version of WordPress (version 1.5.1.3) is available (automatic patch upgrade from WordPress 1.5.1.2 to 1.5.1.3) and users are strongly advised to upgrade immediately.
To give an example:
Cross Site Scripting:
There are a number of cross site scripting issues in the WordPress personal publishing platform.

http://wordpress/wp-admin/post.php?action=confirmdeletecomment&p=1&comment=22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3C/script%3E

http://wordpress/wp-admin/post.php?action=confirmdeletecomment&p=122%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E%3C/script%3E&comment=2

Even though these vulnerabilities are in the admin section, I still consider them a higher risk than “normal” because if an attacker has an admin’s cookie data then he can forge a cookie, access the admin section, and execute arbitrary code by inserting malicious PHP into an existing plugin. Also, if you are thinking that the referrer check in WordPress prevents this particular vulnerability then you are mistaken.
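As an added illustration (not WordPress’s own code), here is the reflected-parameter pattern behind the URLs above, shown as a vulnerable renderer beside a hardened one. The request array is constructed from the advisory’s decoded query string, and `html_escape` is a helper defined here, not a WordPress function.

```php
<?php
// Models the confirm-delete-comment page described above: the "p" and
// "comment" query parameters are reflected into the page the admin sees.
// Constructed input: the decoded query string from the first URL above.
$request = [
    'action'  => 'confirmdeletecomment',
    'p'       => '1',
    'comment' => '22><script>alert(document.cookie)</script></script>',
];

// Vulnerable pattern: raw query parameters are concatenated into markup,
// so whatever is in "comment" reaches the admin's browser unchanged.
function render_confirm_vulnerable(array $get): string
{
    return '<p>Delete comment ' . $get['comment']
         . ' on post ' . $get['p'] . '?</p>';
}

// Helper (not part of WordPress): escape free text for an HTML context.
// ENT_QUOTES also covers attribute values; the charset is pinned so the
// escaping cannot be bypassed by an encoding mismatch.
function html_escape(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Hardened pattern: "p" and "comment" are identifiers, so they are cast to
// int before use (PHP keeps only the leading digits, "22><script..." -> 22);
// anything that is genuinely free text goes through html_escape() so that
// <, >, quotes and & can never close the surrounding tag.
function render_confirm_hardened(array $get): string
{
    $comment_id = (int) ($get['comment'] ?? 0);
    $post_id    = (int) ($get['p'] ?? 0);
    $action     = html_escape((string) ($get['action'] ?? ''));
    return '<p>Action "' . $action . '": delete comment ' . $comment_id
         . ' on post ' . $post_id . '?</p>';
}

echo render_confirm_vulnerable($request), PHP_EOL;
echo render_confirm_hardened($request), PHP_EOL;
```

Run it with the PHP CLI and compare the two lines: the first still carries the script tag, the second reduces the parameter to the number 22.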
Further details on the vulnerabilities and exploit.
The moral of the story is upgrade and do it now.
Filed under: CMS Software, Computer Security, Headline News, PHP, Pro Blogging, Technology, Web, WordPress