# Comments considered harmful: WordPress web hijack bug revealed



## JMH3143 (Jun 18, 2012)

> A frustrated Finnish security researcher has gone public with a vulnerability in WordPress that lets attackers hijack website admin accounts.
> 
> The flaw was found by Jouko Pynnönen, and is a cross-site scripting (XSS) bug similar to one patched last week. It is buried within the widely used web publishing software's comments system.
> 
> ...


Comments considered harmful: WordPress web hijack bug revealed â€¢ The Register


----------

