WordPress 2.8.6 --------- Exploit - GoFuckYourself.com

TheSenator · 11-12-2009, 02:09 PM

http://www.net-security.org/secworld.php?id=8502

Just upgrade and shut your mouth.

Agent 488 · 11-12-2009, 02:17 PM

WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

TheSenator · 11-12-2009, 02:18 PM

Upgrading.......

Went smoothly....No for all my little blogs and clients.

d-null · 11-12-2009, 02:20 PM

Quote:

Originally Posted by Agent 488

WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

probably going to wait for 2.8.7 then

seeandsee · 11-12-2009, 02:23 PM

jesus will they make exploit free?

dav3 · 11-12-2009, 02:25 PM

thanks for posting this

2.8.6 just released, time to update.

TidalWave · 11-12-2009, 02:26 PM

upgrading wordpress is a pain in the ass for me as the auto upgrade feature keeps failing at copying a file... sigh !

fris · 11-12-2009, 02:33 PM

pussy lips

Juicy D. Links · 11-12-2009, 02:35 PM

Quote:

Originally Posted by fris

pussy lips

fris · 11-12-2009, 02:35 PM

also, this exploit is only for users who have posting privleges, so if you have trusted users, you have nothing to worry about.

JD · 11-12-2009, 02:48 PM

jesus christ...

JamesK · 11-12-2009, 02:53 PM

Quote:

Originally Posted by fris

also, this exploit is only for users who have posting privleges, so if you have trusted users, you have nothing to worry about.

exactly. 99.9% of the people here wont be affected at all.

Cyber Fucker · 11-12-2009, 03:04 PM

Every another version has more and more holes that's also one of the reasons why I prefer to make older versions more secured instead of updating over and over again.

LoveSandra · 11-12-2009, 05:47 PM

thanks for posting

CYF · 11-12-2009, 05:49 PM

thanks for the info

seems every 2 weeks a new wordpress exploit comes out.

Ginn · 11-13-2009, 02:31 AM

Yes, it probably won't take long to wait for a 2.8.7 version

BigRod · 11-13-2009, 02:34 AM

and if you have UNtrusted publishers the only question is WHY?

11-12-2009, 02:09 PM	#1
TheSenator Too lazy to set a custom title Industry Role: Join Date: Feb 2003 Location: NJ Posts: 13,332	WordPress 2.8.6 --------- Exploit http://www.net-security.org/secworld.php?id=8502 Just upgrade and shut your mouth. __________________ ISeekGirls.com since 2005

11-12-2009, 02:18 PM	#3
TheSenator Too lazy to set a custom title Industry Role: Join Date: Feb 2003 Location: NJ Posts: 13,332	Upgrading....... Went smoothly....No for all my little blogs and clients. __________________ ISeekGirls.com since 2005

11-12-2009, 02:23 PM	#5
seeandsee Check SIG! Industry Role: Join Date: Mar 2006 Location: Europe (Skype: gojkoas) Posts: 50,945	jesus will they make exploit free? __________________ BUY MY SIG - 50$/Year Contact here

11-12-2009, 02:25 PM	#6
dav3 Confirmed User Industry Role: Join Date: May 2007 Posts: 7,348	thanks for posting this 2.8.6 just released, time to update. __________________ Webmasters :: Juicy Ads :: ACWM :: Crak Revenue :: Money Tree

11-12-2009, 02:26 PM	#7
TidalWave Confirmed User Industry Role: Join Date: Sep 2007 Location: Los Angeles Posts: 2,706	upgrading wordpress is a pain in the ass for me as the auto upgrade feature keeps failing at copying a file... sigh ! __________________ www.SwiftNode.com

11-12-2009, 02:17 PM	#2
Agent 488 Registered User Industry Role: Join Date: Feb 2006 Posts: 22,511	WordPress 2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

11-12-2009, 02:33 PM	#8
fris Too lazy to set a custom title Industry Role: Join Date: Aug 2002 Posts: 55,359	pussy lips __________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. WP Stuff

11-12-2009, 02:35 PM	#10
fris Too lazy to set a custom title Industry Role: Join Date: Aug 2002 Posts: 55,359	also, this exploit is only for users who have posting privleges, so if you have trusted users, you have nothing to worry about. __________________ Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence. WP Stuff

11-12-2009, 02:48 PM	#11
JD Too lazy to set a custom title Industry Role: Join Date: Sep 2003 Posts: 22,651	jesus christ...

11-12-2009, 03:04 PM	#13
Cyber Fucker Hmm Industry Role: Join Date: Sep 2005 Location: On an endless road around the world for rock and roll. Posts: 12,642	Every another version has more and more holes that's also one of the reasons why I prefer to make older versions more secured instead of updating over and over again.

11-12-2009, 05:47 PM	#14
LoveSandra So Fucking Banned Join Date: Aug 2008 Location: Just Blow Me Posts: 10,551	thanks for posting

11-12-2009, 05:49 PM	#15
CYF Coupon Guru Industry Role: Join Date: Mar 2009 Location: Minneapolis Posts: 10,973	thanks for the info seems every 2 weeks a new wordpress exploit comes out. __________________ Webmaster Coupons Coupons and discounts for hosting, domains, SSL Certs, and more! AmeriNOC Coupons \| Certified Hosting Coupons \| Hosting Coupons \| Domain Name Coupons

11-13-2009, 02:31 AM	#16
Ginn Confirmed User Join Date: Apr 2009 Posts: 627	Yes, it probably won't take long to wait for a 2.8.7 version __________________ DIAMONDGAYS.com - fresh twinks and best ratio! Highly recommended!

11-13-2009, 02:34 AM	#17
BigRod Confirmed User Join Date: Apr 2005 Location: Vancouver, BC Posts: 3,685	and if you have UNtrusted publishers the only question is WHY? __________________ Rod Macdonald Mainstream Ad Agency Owner ICQ: 607306