This is a different kind of WordPress tip, but a highly essential one. A little towards the end of last year, David Kierznowski discovered a minor security flaw, a flaw nonetheless in WordPress version 2.0.5. It is possible that all lower versions are affected as well.
It was notified to the WordPress team and Mark Jaquith was quick to respond with a fix.
However, there has been no public announcement of the vulnerability and a fix as well from the WordPress team, which is not only shocking but also extremely irresponsible on their part.
I do understand the reason of wanting to keep this all hush-hush would be to get out a release in time. But, something like this is bound to spill and it has. v2.0.6 is said to be not vulnerable, but that isn’t out yet!
Instead of getting a patch ready ASAP, the change has been made in the Trac system, which is beyond any non-programmer.
To get your installation patched open up templates.php in wp-admin.
Goto Line 114 and replace the entire line with:
echo "<li><a href='templates.php?file=" . attribute_escape($recent) . "'>" . wp_specialchars(get_file_description(basename($recent))) . "</a></li>";
I’m not sure if this is the exact fix because I get a Call to undefined function: attribute_escape() . I can’t edit any files out there. But, I believe I won’t be hacked 
Now to wait for 2.0.6 which I guess should be coming really soon.
Liked this article? Stay in touch with us! Don't forget to Stumble It!
Grab the site feed
, subscribe via email or add to your Technorati favs.
Posted by Ajay under Tech News, Techtites Daily, Wednesday, WordPress
Post Information:
You may also like these posts:
- WordPress Wednesday: Getz WordPress 2.2
- WordPress 2.0.6 is out
- WordPress releases 2.0.7; Security Bugs squashed
- WordPress Wednesday: WordPress Plugin Competition
- WordPress Wednesday: Tips for Theme Authors
7 Responses to “ WordPress Wednesday: WordPress Vulnerability in 2.0.5 Downwards ”
Comments:
Have your Say!
Trackbacks & Pingbacks:
-
Pingback from WordPress 2.0.6 is out » Techtites
January 5th, 2007 at 11:19 pm[...] WordPress 2.0.6 is out We had reported that WordPress 2.0.5 and below version were affected by a critical security issue which could let a hacker into your site. [...]
-
Pingback from WordPress releases 2.0.7; Security Bugs squashed » Techtites
January 16th, 2007 at 9:52 am[...] If you haven't upgraded to even 2.0.6, I recommend that you upgrade your blog ASAP, because all versions prior to 2.0.6 have a big security bug. [...]
January 3rd, 2007 at 2:54 pm
Thanks!
I have completed the work!
January 5th, 2007 at 5:15 pm
attribute_escape()is a new function, and equates towp_specialchars($text, 1). The important part of that fix is thewp_specialchars()call that wraps the output ofget_file_description(basename($recent))I’ve marked 2.0.6 as ready for release. It should be going out very soon.
January 5th, 2007 at 5:18 pm
Thanks for the update Mark.
I guess we can wait for 2.0.6 since it should be out in a day or so?
January 5th, 2007 at 5:26 pm
Either that, or you can download it from SVN right now (though as you said, high geek factor there). I e-mailed Matt about 3 hours ago giving my stamp of approval for a 2.0.6 release, so I’m guessing it’ll go out within 24-48 hours.
January 5th, 2007 at 5:32 pm
Guess I can wait it out as well. Don’t have svn client installed yet on the server.