WordPress PHP code injection vulnerability
May 26th, 2006 by Kat Kingsley-HughesSecunia is reporting that a vulnerability is present in [tag]WordPress [/tag]2.x which could allow hackers to gain remote access.
This vulnerability has been confirmed in WordPress 2.0.2 and may affect other versions (but not pre-2.0 versions since this doesn’t use cache files).
The current recommendation is that access is restricted to the following directories:
- wp-content/cache/userlogins/
- wp-content/cache/users/
This entry was posted on Friday, May 26th, 2006 at 3:38 pm and is filed under Wordpress. Both comments and pings are currently closed.