WordPress2.2.1的新漏洞

31日有人发布了七个相关的漏洞,原始页面:WordPress ZeroDay Vulnerability Roundhouse Kick and why I nearly wrote the first Blog Worm (updated) ~ mybeNi websecurity。已经被wordpress的Trac收录。

大家可以看发布者的另一个文章,比较好玩.
This is the first Weblog XSS Worm
It uses the Security vulnerabilities in the latest WordPress Version (2.2.1) to get into your blog and help you patching the Security flaws! Everything based on Cross-Site Scripting and Cross-Site Request Forgery

*_! ,晕倒。

发表评论