[wp-trac] [WordPress Trac] #11104: 2.8.5 Injection Exploit
WordPress Trac
wp-trac at lists.automattic.com
Wed Nov 11 16:15:07 UTC 2009
#11104: 2.8.5 Injection Exploit
--------------------------+-------------------------------------------------
Reporter: bradyk | Owner: ryan
Type: defect (bug) | Status: new
Priority: high | Milestone: Unassigned
Component: Security | Version: 2.8.5
Severity: blocker | Keywords: dev-feedback 2nd-opinion exploit, injection, hack, malware, porn
--------------------------+-------------------------------------------------
Comment(by Dawid Golunski):
Hi,
I recently discovered a vulnerability in WordPress 2.8.5. It allows php
code execution in case of an authenticated user. I have already shared
this information with the wordpress security team along with temporary
patches. I guess this discovery could be relevant.
I assume that wordpress team will comment on this soon and release an
official patch.
Regards,
Dawid
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11104#comment:4>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list