From:vul.kr
It had been published that wordpress 2.8 All version are suffering from Xss,attackers can use this to do fishing,they make a wordpress login page as it is your own.If you don’t take care,your password will be sent to the attacker’s website.With your password,they can edit pages and upload webshell.It is harmful.
It had been published that wordpress 2.8 All version are suffering from Xss,attackers can use this to do fishing,they make a wordpress login page as it is your own.If you don’t take care,your password will be sent to the attacker’s website.With your password,they can edit pages and upload webshell.It is harmful.
Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
[
Wordpress 2.6.1 (SQL Column Truncation) Admin Takeover Exploit
Release date: 2007-12-10
Last modified: 2007-12-12
Source: Abel Cheung
Affected version: WordPress <= 2.3.1
Last modified: 2007-12-12
Source: Abel Cheung
Affected version: WordPress <= 2.3.1
Wordpress <= 2.0.6 wp-trackback.php Remote SQL Injection