WordPress.org

Make WordPress Core

Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#3781 closed defect (bug) (fixed)

Vulnerability in nonce AYS

Reported by: PsychoGun Owned by:
Milestone: 2.0.9 Priority: highest omg bbq
Severity: blocker Version: 2.0.7
Component: Security Keywords:
Focuses: Cc:

Description

Hi,

I found a vulnerability in wordpress, i made an exploit and i transmitted everything to
these security websites: mil0rwm, securityfocus, secunia ect
E-mail me if you want more specifications.

Change History (11)

comment:1 foolswisdom7 years ago

  • Milestone changed from 2.3 to 2.1.1

comment:2 foolswisdom7 years ago

Please email the details to security@… .

comment:3 foolswisdom7 years ago

LOL, that should be secuirty@… .

comment:4 foolswisdom7 years ago

Alright, I give up, going back to bed: security@…

comment:5 Viper007Bond7 years ago

  • Component changed from Administration to Security

comment:6 Nazgul7 years ago

  • Resolution set to fixed
  • Status changed from new to closed

Fixed in [4876]

comment:7 ryan7 years ago

  • Milestone changed from 2.1.1 to 2.0.9
  • Version set to 2.0.7

comment:8 foolswisdom7 years ago

  • Severity changed from normal to blocker

Fixed on all branches
2.0.9 [4877]
2.1.1 [4876]
trunk [4875]

comment:9 ryan7 years ago

  • Summary changed from Vulnerability in wordpress to Vulnerability in nonce AYS

comment:11 ryan7 years ago

Fixed for both 2.0.9 and 2.1.1.

Note: See TracTickets for help on using tickets.