Wordpress Themes - WP Forum at BFA

Wordpress Themes - WP Forum at BFA (http://forum.bytesforall.com/index.php)
-   New Versions, & Updating (http://forum.bytesforall.com/forumdisplay.php?f=12)
-   -   Injection vulnerability in WP 2.8 and prior - also plugin related (http://forum.bytesforall.com/showthread.php?t=2499)

Franse Jul 17, 2009 08:47 PM
Injection vulnerability in WP 2.8 and prior - also plugin related
 
Hi all,

I hope this is the right forum to post that. I have read on
http://corelabs.coresecurity.com/ind...eges_Unchecked
that there is a considerable bug in Wordpress that has just been solved with 2.8.1. As the article mentions, there seem to be several pitfalls with allegedly "all" plugins that allow subscribed users to inject probably malicious code.

As I am still finding my way into the software and cannot answer it myself, I thought I'd ask here: Is Atahualpa prone to this bug? Or does it not apply to this theme?

Anway, I already updated my WP to the latest version. On a side note, this plugin ownz tremendously. So far I have been able to accomplish everything I wanted either by using the supplied forms or searching a little in the forums. Really kudos to the author(s) for such a great piece of software and the ongoing help. When I'm more or less done with configuration (and haven't found a hole that sinks my ship), I will certainly donate some money.

Back to the issue at hand: I hope somebody can calm my unrest about the aforementioned vulnerability.

cheers,
Franse

Flynn Jul 22, 2009 10:41 AM
Those issues are related to core WP files, Atahualpa does not deal with them


All times are GMT -6. The time now is 07:06 PM.

Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.