[wp-trac] [WordPress Trac] #7710: admin account exploit
WordPress Trac
wp-trac at lists.automattic.com
Mon Sep 8 14:31:47 GMT 2008
#7710: admin account exploit
---------------------------+------------------------------------------------
Reporter: jeremyclark13 | Owner: anonymous
Type: defect | Status: new
Priority: high | Milestone:
Component: Security | Version: 2.6.1
Severity: critical | Keywords: milworm exploit
---------------------------+------------------------------------------------
It looks like milworm has an exploit for 2.6.1.
Link : http://www.milw0rm.com/exploits/6397
It looks like they can register an admin account then use the lost
password function to have the password changed.
--
Ticket URL: <http://trac.wordpress.org/ticket/7710>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list