NBBN has discovered some cross site scripting vulnerabilities for the WP-Footnotes plugin version 2.2 for WordPress.
Input passed to the “pre_footnotes”, “priority”, “post_footnotes”, and “style_rules” array elements in the “wp_footnotes_current_settings[]” array in the admin_panel.php script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
The good news this time around is that, ‘register_globals‘ must be turned on for exploitation to occur. If you are using this plugin on your site, it is advised that you disable the plugin until a security patch has been released. According to the security bulletin, the solution is to edit the plugin source code to ensure that input is properly sanitized.
Again, if you know that your webserver has register_globals turned off, you are in the clear.
S@BUN has reported an “id” based SQL injection vulnerability within the WordsPew plugin version 3.x for WordPress.
Input passed to the parameter “id” in wordspew-rss.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The solution again is to edit the source code of the plugin to make sure that input is sanitized.
As always, thanks for the information and heads up!
These security alerts are excellent, just what was needed and thanks for taking the time to find this info out and posting for all to read!
Things are really coming to together in the WordPress community are they not?
I agree with KirkM ↑ , somebody should start monitoring wp-related security “consistently”. thanks for the notes jeff
Tnx, for the advise =), as always good info.
@chaoskaizer – Several sites already do. The ones I follow are,
http://blogsecurity.net
http://www.securityfocus.com
http://www.milw0rm.com
With MilwOrm just type ‘WordPress’ in the search box.