2 comments

[ 0.22 ms ] story [ 10.3 ms ] thread
I found this story interesting because,

- the exploit is so easy hundreds of websites will be affected(you can steal DB credentials just by typing a url).

- it's a combination of negligence from the developer of the plugin who didnt disclose the exploit for 6 month(he just patched it) and the fact,like him a lot of wordpress plugin developpers just dont know what they are doing.

the hack relies on a simple directory traversal attack :

http://en.wikipedia.org/wiki/Directory_traversal_attack

Many pro developpers ,even here, use wordpress to host content for clients.It's important they know what they risk with 3rd party plugins such as a simple image slider.

As someone who both uses Wordpress and develops plugins (which I try my best to make secure) this is both annoying and terrifying. I don't know how you could have a plugin architecture in PHP like Wordpress has, and have any real security without some constant diligence.