For all those not reading security mailinglists. It is time to upgrade your WordPress blog (if you are among those, not using Serendipity). Today WordPress 2.0.6 was released that fixes several security vulnerabilities. Among these security fixes are two dangerous vulnerabilities reported by us.
The first vulnerability is an XSS (Cross Site Scripting) hole in WordPress's own CSRF protection. [READ MORE]
And the second vulnerability is a very interesting SQL injection. Very interesting, because it abuses charset conversion support to bypass the database escaping routines. Our demo exploit uses UTF-7. [READ MORE]
Both vulnerabilities have the potential to compromise the admin account, which in case of WordPress might allow arbitrary PHP code execution due to WordPress features.