Web2Secure: Web Security Blog

We are non-funded group of security enthusiast who contributes and updates to community with latest security treats. Use and handle whatever links shared within website could be harmful to your systems with own risks. Feel free to use the contents for commercial or non-commercial purposes. We're very appreciating if using our useful information’s to your website by referring back to this original website. Donation or clicking on ads is most welcome to continue maintains costs for this website.

Thursday, July 16, 2009

WordPress 2.8.1 XSS

One of the famous Chinese blog website published PoC article regarding XSS in WordPress 2.8.1

This XSS can be triggered once the mouse pointer to posted crafted url within WordPress comments section. Showed in Example that the final destination link will redirect to http://www.inbreak.net/a.php

Translated webpage can be view by using Google translator ( accuracy is >90%) :)

Web2Secure: Web Security Blog

Pages

Thursday, July 16, 2009

WordPress 2.8.1 XSS

0 comments: