Full Disclosure mailing list archives
Security of themes for WordPress
From: "MustLive" <mustlive () websecurity com ua>
Date: Mon, 14 Feb 2011 20:46:31 +0200
Hello participants of Mailing List. In 2009 I already told you about security of plugins for WordPress (http://lists.grok.org.uk/pipermail/full-disclosure/2009-November/071553.html). And from that time I've updated that list of vulnerable plugins. And now I'll tell you about different vulnerabilities in themes for WordPress. Similarly to plugins, themes for WordPress also have vulnerabilities. Last week in my post Security of themes for WordPress (http://websecurity.com.ua/4915/) I made a summary about all vulnerabilities in themes for WP, which I found during 2007-2011. In this list multiple vulnerabilities in 93 themes for WordPress are mentioned. Including Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities. So take care of your themes (as of your plugins) for WordPress and web sites which use them. Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Security of themes for WordPress MustLive (Feb 14)