WordPressの脆弱性調査プロジェクト Day of bugs in WordPress3 始まる

Computer, Security 12月 1, 2013 #WordPress
(Last Updated On: )

Full Disclosureに以下のようなメールが投稿されていました。

Day of bugs in WordPress3が始まるようです。

http://websecurity.com.ua

ウクライナの方なのかな?Google Translateを使って読むと凡そ理解できます。WordPressユーザーは要注意です。

Full Disclosureに投稿されたメール:

Hello participants of Mailing List.


After you’ve watched my video demonstration of DAVOSET – DDoS attacks via
other sites execution tool (http://www.youtube.com/watch?v=RKi35-f346I) and
other my videos on security and non-security topics
(http://www.youtube.com/user/MustLiveUA/videos), including videos from
events in Kyiv, Ukraine, here are news for you.

As I announced last week at my site, today I’ll conduct new project – Day of
bugs in WordPress 3. Such projects lead to improving security of web
applications and to increasing awareness of web developers.

After conducting Month of Search Engines Bugs
(http://websecurity.com.ua/category/moseb/) in June 2007 and Month of Bugs
in Captchas (http://websecurity.com.ua/category/mobic/) in November 2007 and
many other projects during 2007-2008, I conducted projects Day of bugs in
WordPress in December 2007 and Day of bugs in WordPress 2 in July 2010.

In the first “Day of bugs in WordPress” project I disclosed 81
vulnerabilities in WP, in the second I disclosed 8 interesting
vulnerabilities. In new project I’ll disclose new interesting
vulnerabilities in WP.

Similarly to previous two projects Day of bugs in WordPress, this project
will be interesting for every user of WordPress, for developers of
WordPress, for every web developer who is using WP, for every one who is
interesting in WP and to draw attention of all web developers to security of
web applications.

But before disclosing vulnerabilities from the project, I’ll write about
multiple hiddenly fixed vulnerabilities in last versions of WordPress.

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

投稿者: yohgaki