[wp-forums] Possible security issue in WPORG theme

[Dion Hulse (dd32)]

my rule of thumb with swf's: If it didn't have a vulnerability patched last
week, it's probably vulnerable to every other swf XSS attack you've seen in
the last year..


On 20 April 2013 00:30, Mika Epstein <ipstenu at ipstenu.org> wrote:

> We actually already did a sweep on them last month and cleaned them up.
> Would be okay, bless its yet another vulnerability....
>
> On Apr 19, 2013, at 7:21 AM, Simon Prosser <pross at pross.org.uk> wrote:
>
> > Quite a few plugins use that zeroclipboard too.
> >
> >
> > On 19 April 2013 14:19, esmi at quirm dot net <esmi at quirm.net> wrote:
> >
> >> on 19/04/2013 13:34 Chip Bennett said the following:
> >>
> >> We don't currently have a dedicated, private communication medium for
> >>> reporting security issues specific to Themes. Unless/until we do, I
> would
> >>> recommend using security@ for responsible disclosure, and the
> information
> >>> will get from there to the Theme admins.
> >>
> >> I've updated the topic with a request to send all details to security at .
> >> In the meantime, the theme's author has been contacted via Paul from the
> >> bytesforall forum.
> >>
> >>
> >> Mel
> >> --
> >> http://quirm.net
> >> http://blackwidows.co.uk
> >> ______________________________**_________________
> >> wp-forums mailing list
> >> wp-forums at lists.automattic.com
> >> http://lists.automattic.com/**mailman/listinfo/wp-forums<
> http://lists.automattic.com/mailman/listinfo/wp-forums>
> >
> >
> >
> > --
> > My Blog: http://pross.org.uk/
> > Plugins : http://pross.org.uk/plugins/
> > Themes: http://wordpress.org/extend/themes/profile/pross
> > _______________________________________________
> > wp-forums mailing list
> > wp-forums at lists.automattic.com
> > http://lists.automattic.com/mailman/listinfo/wp-forums
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
>