Comment Rating Plugin Fixes Security Vulnerability

Posted by admin in plugin, WordPress Se... | 12.09.2010 - 4:00 am

If you use the Comment Rating plugin for your WordPress powered site, you are highly encouraged to upgrade to the latest version as it fixes a security vulnerability. More specifically, a Cross-site Request Forgery attack. According to the report at OSVDB.org which is an Open Source Vulnerability Database:
The flaw exists because the application does not require multiple steps or explicit confirmation for unspecified sensitive transactions for the admin function. By using a crafted URL (e.g., a crafted GET request inside an “img” tag), an attacker may trick the victim into clicking on the image to take advantage of the trust relationship between the authenticated victim and the application. Such an attack could trick the victim into executing arbitrary commands in the context of their session with the application, without further prompting or verification.

There is no known workaround for versions lower than 2.9.21. Kudos goes to KrebsOnSecurity for reporting the flaw […]

Original post by Jeff Chandler

    Technorati Tags:

    Comments (0)
    Read More

    The Correct Way To Report A Security Issue With WordPress

    Posted by admin in plugin, WordPress Se... | 08.12.2009 - 4:15 pm

    If you don’t know by now, WordPress 2.8.4 has hit the public and it addresses a mild but hugely annoying issue. There was no advanced warning regarding the vulnerability but it was quickly patched in the core of WordPress for the next release. Unfortunately, word quickly spread and in fact, even my site WPTavern.com was affected by the problem as I received an email letting me know what my new password was even though I didn’t request one. Here are the details regarding the annoyance:
    a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password would be emailed to the account owner. This doesn’t allow remote access, but it is very […]

    Original post by Jeff Chandler

      Technorati Tags:

      Comments (0)
      Read More