begood Posted March 24, 2010

Earlier, in 2008, I wrote about a Brute Force vulnerability in WordPress, which Kad had discovered back in 2007. As I recently checked in WordPress 2.9.2, this vulnerability has not been fixed. I have also discovered new vulnerabilities in WP. In March, on 02.03.2010, I found Brute Force and Insufficient Authorization vulnerabilities in WordPress.

Brute Force:

In the page/post password-protection feature there is no protection against password guessing (Brute Force attacks).

Insufficient Authorization:

On each page/post in WP you can set a password, and these passwords are identical. But when the password feature is used, it saves a global cookie that works immediately for the entire site. Thus, by entering the password for a single page/post, you can see all password-protected pages/posts (with the same password, even without knowing that the passwords match), because when you request them, access is granted automatically.

In this case there are two side effects:

1. In the case where there are multiple pages with one password (for example, a separate section of a site), this functionality is convenient, because you can enter the password once and get access to all pages with that password at once.

2. In the case where there are different pages with different passwords, it leads to inconvenience, since only the last password is recorded, and for other pages (with another password) it will always be necessary to enter the password.

Vulnerable: WordPress 2.9.2 and previous versions (all 2.x versions). Checked in different versions of WP, in particular in 2.0.11 and 2.9.2.

(Google Translate)
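The behaviour the quoted advisory describes, modelled as an added example (this is not code from WordPress or from the advisory's author): one site-wide cookie holds the last password typed and every protected post is compared against it, so a single entry unlocks every post with the same password, a second entry overwrites the first, and nothing limits guessing. The cookie name wp-postpass_<COOKIEHASH> is the one WordPress uses; the COOKIEHASH value, SERVER_SECRET, the sample posts, the client address and the wordlist are constructed placeholders. The per-post gate with a server-side failure counter is a hardened sketch for contrast, not anything WordPress shipped.

```python
"""Model of the page/post password gate described in the advisory.

GlobalCookieGate mirrors the 2.x behaviour the post describes (vulnerable).
PerPostCookieGate is a hardened variant written for this example only.
COOKIEHASH, SERVER_SECRET, posts, client address and wordlist are constructed.
"""
import hashlib
import hmac
from dataclasses import dataclass, field

COOKIEHASH = "0123abcd"                 # placeholder for WP's per-site hash
SERVER_SECRET = b"example-secret-key"   # constructed; a real site would use its salts


@dataclass
class Post:
    id: int
    password: str          # "" means the post is not protected


@dataclass
class Browser:
    addr: str = "203.0.113.5"           # constructed client address (lockout key)
    cookies: dict = field(default_factory=dict)


class GlobalCookieGate:
    """Vulnerable model: whatever is typed is stored site-wide, unchecked."""
    cookie = "wp-postpass_" + COOKIEHASH

    def submit(self, browser, post, attempt):
        # No validation, no attempt counter: the form just sets the cookie and
        # sends the browser back to the post, which re-checks it on every view.
        browser.cookies[self.cookie] = attempt

    def is_unlocked(self, browser, post):
        if not post.password:
            return True
        return browser.cookies.get(self.cookie) == post.password


class PerPostCookieGate:
    """Hardened variant: cookie scoped to the post id and bound to the current
    password via an HMAC with a server secret, so it unlocks no other post and
    dies with a password change; failed guesses are counted server-side."""

    def __init__(self, max_failures=5):
        self.max_failures = max_failures
        self.failures = {}              # keyed by (client addr, post id)

    def _cookie(self, post):
        return f"wp-postpass_{COOKIEHASH}_{post.id}"

    def _token(self, post):
        msg = f"{post.id}:{post.password}".encode()
        return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()

    def submit(self, browser, post, attempt):
        key = (browser.addr, post.id)
        if self.failures.get(key, 0) >= self.max_failures:
            return False                # locked out: further guesses are ignored
        if hmac.compare_digest(attempt.encode(), post.password.encode()):
            browser.cookies[self._cookie(post)] = self._token(post)
            self.failures.pop(key, None)
            return True
        self.failures[key] = self.failures.get(key, 0) + 1
        return False

    def is_unlocked(self, browser, post):
        if not post.password:
            return True
        tok = browser.cookies.get(self._cookie(post))
        return tok is not None and hmac.compare_digest(tok, self._token(post))


def side_effects(gate_cls):
    """Reproduce the advisory's two side effects: (unlocked_other, lost_first)."""
    a, b, c = Post(1, "alpha"), Post(2, "alpha"), Post(3, "beta")
    br, gate = Browser(), gate_cls()
    gate.submit(br, a, "alpha")
    unlocked_other = gate.is_unlocked(br, b)    # never entered a password for b
    gate.submit(br, c, "beta")
    lost_first = not gate.is_unlocked(br, a)    # a's access gone after unlocking c
    return unlocked_other, lost_first


def brute_force(gate, post, wordlist):
    """Online guessing: returns (password or None, number of submissions)."""
    br = Browser()
    for tries, guess in enumerate(wordlist, 1):
        gate.submit(br, post, guess)
        if gate.is_unlocked(br, post):
            return guess, tries
    return None, len(wordlist)


if __name__ == "__main__":
    words = ["123456", "password", "letmein", "alpha"]   # constructed wordlist
    print("global cookie  :", side_effects(GlobalCookieGate))
    print("per-post cookie:", side_effects(PerPostCookieGate))
    print("guess, global  :", brute_force(GlobalCookieGate(), Post(9, "alpha"), words))
    print("guess, per-post:", brute_force(PerPostCookieGate(max_failures=3), Post(9, "alpha"), words))
```

Against GlobalCookieGate the same four-word list reaches the password on the fourth submission with nothing in the way; against the per-post gate with a three-failure limit the fourth guess is ignored even though it is correct. Counting failures per client address is only a sketch: a real deployment needs the counter behind whatever identifies the client reliably, since cookies are under the attacker's control.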