WordPress Hacked: Anyone Can View Future/Draft Posts

There is a bug in WordPress right now that is rather critical for anyone who uploads posts without immediately publishing. Simply by manipulating the URL any visitor can view all future, draft, or pending posts. Our site was vulnerable to this issue, but we patched it quickly because it could be used to retrieve the CyberNotes posts that we write ahead of time.

December 29, 2007 - Posted by sportsnut | Security News | | No Comments Yet

No comments yet.

« Previous | Next »

About

TheSecurityZone ( aka Tech News ) is basically a news and security information resource for anyone interested in security-related issues. As I travel across this Inner-planet we call the Internet I occasionally come across a news story which I think is interesting and would be interesting to others as well…and post it here.
This could be a top news story…or a hard to find news story or event…popularity of the article isn’t important…the most important factor is how interesting it is…it might not always even be computer or security related…even though most of the time it will be. A forum, also called TheSecurityZone, is available here if you have questions that you need to speak to someone about.
TheSecurityZone is a Member-Run Community, that is to say the members participate on virtually every level of the community, vote on issues and concerns, and have equal opportunity to advance and be elected to Committees.
We welcome your participation.

Archives
- January 2008 (5)
- December 2007 (6)
- November 2007 (3)
- June 2007 (1)
- February 2007 (1)
- January 2007 (2)
- December 2006 (9)
- September 2006 (1)
- August 2006 (2)
Categories
RSS
Entries RSS
Comments RSS

Tech News

The Information Security Resource

WordPress Hacked: Anyone Can View Future/Draft Posts

Leave a comment

About

Recent

Links

Archives

Categories

RSS

Site info