Wordpress Multiple Cross-Site Scripting, HTML Injection, And SQL Injection Vulnerabilities

Gentoo has released an advisory to provide updates for these issues. Updates may be appplied by running the following commands as the superuser:

emerge --sync
emerge --ask --oneshot --verbose ">=www-apps/wordpress-1.2.2"

The vendor has released version 1.2.2 of the affected package to resolve these issues, however, it is reported that the new version only fixes some of the issues described in this BID. Please see the attached message reference and BID 12066 for more information.

WordPress WordPress 1.2.1

WordPress WordPress 1.2.2


Privacy Statement
Copyright 2010, SecurityFocus