Wordpress 2.5 Cookie Integrity Protection Vulnerability
Original release date: 2008-04-25
Last revised: 2008-04-25
Latest version:
http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-integrity.txt
CVE ID: CVE-2008-1930
Source: Steven J. Murdoch <http://www.cl.cam.ac.uk/users/sjm
On Tue, Nov 20, 2007 at 07:08:36PM +0100, Stefan Esser wrote:
> Could you elaborate why you consider this news? Most public SQL
> injection exploits for Wordpress use this cookie trick.
I couldn't find it on the Wordpress bug tracker and when I mentioned
it to the Wordpress security address, they
Wordpress Cookie Authentication Vulnerability
Original release date: 2007-11-19
Last revised: 2007-11-19
Latest version:
http://www.cl.cam.ac.uk/users/sjm217/advisories/wordpress-cookie-auth.txt
CVE ID:
Source: Steven J. Murdoch <http://www.cl.cam.ac.uk/users/sjm217/>
Systems Af