WordPress 3.2.1 vulnerable to Persistent XSS (Cross Site Scripting)

Hey friends! in this post of , we have a bad news for almost everyone who has a wordpress blog/website.

The latest version of wordpress (3.2.1 and 3.1) both are vulnerable to persistent XSS attack or Cross site Scripting attack.

If you have a wordpress blog (3.2.1 / 3.1) just goto your dashboard and make a new post with the title..

 

Code 1:

learnhacking.in/”);” />

and just publish it..

If in the above case you get a popup saying learnhacking.in, your website is vulnerable to persistent XSS attack..

Patch to be provided soon..

A hacker can use this vulnerability to permanently redirect your website to his/her defacement page or much more..

Want to learn more from us, if yes then make sure that you subscribe to Learn Hacking and get regular updates on your email id..:)

Or you may also follow Learn Hacking on Twitter by clicking over here and our Facebook Fanpage by click over here to learn how to hack.

LearnHacking.in – Ethical Hacking was never so easy and interesting;-)

People who read this also read:

Leave a Reply

Your email address will not be published. Required fields are marked *