[wp-hackers] FW: [Full-disclosure] WordPress AdminPanel CSRF/XSS - 0day
Mark Jaquith
mark.wordpress at txfx.net
Tue Feb 27 23:05:32 GMT 2007
On Feb 27, 2007, at 11:47 AM, howard chen wrote:
> can WP allow delete/update action thru HTTP GET?
This is an XSS bug. The 'delete' action is not an integral part of
the exploit. The vulnerability is that it could be used to execute
malicious JavaScript. Anything you can do by executing JS could be
done as well.
We protect HTTP GET deletes with nonces.
--
Mark Jaquith
http://markjaquith.com/
Covered Web Services
http://coveredwebservices.com/
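Mark's remark about nonce-protected GET deletes, illustrated with an added example that is not code from the post or from WordPress core. The helpers wp_nonce_url(), check_admin_referer(), current_user_can() and wp_delete_post() are WordPress's own; the post.php URL and the example_* wrapper functions are assumptions.

```php
<?php
// Added illustration of how a WordPress admin screen binds a GET "delete"
// link to a nonce. Assumed: the post.php?action=delete URL shape and the
// example_* function names; the wp_* / check_* helpers are core WordPress.

// 1. When the list screen is rendered, the delete link carries a nonce tied
//    to the logged-in user's session, the action name and the post id.
function example_delete_link( $post_id ) {
    $post_id = (int) $post_id;
    $url     = 'post.php?action=delete&post=' . $post_id;
    // Appends ?_wpnonce=... (or &_wpnonce=...) for the given action string.
    return wp_nonce_url( $url, 'delete-post_' . $post_id );
}

// 2. When the GET request arrives, the nonce is checked before anything is
//    touched. check_admin_referer() calls wp_die() on a missing or invalid
//    nonce, so a link forged on a third-party site (plain CSRF) never
//    reaches the delete. Capability is checked separately: a nonce proves
//    intent, not permission.
function example_handle_delete() {
    $post_id = isset( $_GET['post'] ) ? (int) $_GET['post'] : 0;
    check_admin_referer( 'delete-post_' . $post_id );
    if ( ! current_user_can( 'delete_post', $post_id ) ) {
        wp_die( 'You are not allowed to delete this post.' );
    }
    wp_delete_post( $post_id );
}

// Caveat matching the point of the post above: the nonce only defeats
// requests made from another origin. Script already running inside the
// admin page (an XSS) can read the nonce out of the rendered links, so
// fixing the output-escaping bug, not the delete action, is the actual fix.
```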