[wp-hackers] Exploit, or no?

Ryan Boren ryan at boren.nu
Wed Jun 29 00:24:22 GMT 2005

On Tue, 2005-06-28 at 22:52 +0000, Ryan Boren wrote:
> > And to Ryan/Matt, if you would like another set of eyes to review code
> > for that exploit, I'll be available today and tomorrow.
> We went ahead and commited for 1.5 and 1.6.  Please review and test.
> http://trac.wordpress.org/changeset/2667
> The problem is with XMLRPC args not being escaped because they come in
> through raw post data, thus avoiding magic quoting.
> If you want to try it out, you can svn update from the 1.5 branch or
> download the two updated files.  Just drop them on top of
> http://trac.wordpress.org/file/branches/1.5/xmlrpc.php?rev=2667&format=txt
> http://trac.wordpress.org/file/branches/1.5/wp-includes/functions-post.php?rev=2667&format=txt

When I backported this from 1.6 I left some 1.6-isms in. Use this new
version of xmlrpc.php.


Please test the hell out of XMLRPC.  Post, edit, etc. from your favorite
client and make sure I didn't break anything.  Test some incoming pings


More information about the wp-hackers mailing list