Web hosting, domain names, New Zealands web host
Homepage Website Hosting Domain Manager Network Status Knowledgebase Manager Support About Contact Us
Welcome to the Lounge Network Website:
The Lounge Network has been providing Premium Quality Web Hosting & NZ Domain Registration services since 2001. We utilise servers and networks, based in Professional Datacentres in both New Zealand and the USA. All data centres are World Class facilities, with secure and climate controlled environments. The server networks are monitored by professional data centre technicians 24x7, 365 days a year. Read more» NZ Owned hosting
 
Unmetered Diskspace, Unmetered Transfer, Windows or Linux, New Zealand Based Network, ASP.NET 2.0, PHP, CGI, SQL, SSL etc.,FREE spam & virus filtering, Plus loads more... click for more info
 
Economy Web Design Plan
click here for more info
 
 
 
nz based support

The customer support we provide to our clients is real New Zealand based support. This means that if you email us, you will get a reply from a person, based in New Zealand. This also means that you are communicating with someone in your own timezone. We handle all communication with professionalism... Read more»

Our clients include:
View our client portfolio page»
View client testimonials»


Latest News:
Subscribe to RSS Newsfeed»
Login:
Hosting Login»
Webmail Login»
Domain Name Manager Login»
Website Hosting:
Business Class Web Hosting»
Sign Up For Hosting Now»
Upgrade Hosting Plan»
Cancel Hosting»
Hosting Userguides:
Business/Corporate Userguide»
cPanel Hosting Userguide»
Domain Names:
Domain Name Manager Login»
Register/Renew a Domain»
Domain Name Pricing»
Compare Domain Pricing»
Change Domain Ownership»
Domain Whois Lookup»
Support & Network Status:
Knowledgebase Manager»
Latest News & Network Status»
Support Area»
Other Links:
How to make Payments» 
Update Personal Details»
Terms Of Service»
Articles:
The Facts About Web Hosting»
 
RSS Subscribe Latest News 05-09-2010:
RSS Subscribe WordPress Vulnerability - Wordpress Clients should update their scripts.
Posted on 16/02/10 9:08pm

WordPress Trashed Posts Security Bypass Vulnerability

SECUNIA ADVISORY ID:
SA38592

VERIFY ADVISORY:
http://secunia.com/advisories/38592/

DESCRIPTION:
A vulnerability has been discovered in WordPress, which can be
exploited by malicious users to bypass certain security
restrictions.

The vulnerability is caused due to WordPress not properly restricting
access to trashed posts, which can be exploited to e.g. view a trashed
post by accessing it's page directly.

Successful exploitation requires a valid user account.

The vulnerability is reported in version 2.9 and confirmed in version
2.9.1. Other 2.9.x versions may also be affected.

SOLUTION:
Fixed in the SVN repository.
http://core.trac.wordpress.org/changeset/13117

PROVIDED AND/OR DISCOVERED BY:
Thomas Mackenzie

ORIGINAL ADVISORY:
http://tmacuk.co.uk/?p=180

Click here for our Full Network Status Page»

If you would like to receive server announcements, please subscribe to our new RSS Newsfeed service by clicking the newsfeed link below. Most of the latest browsers such as Firefox 3, Internet Explorer 7 and Opera now have inbuilt RSS newsfeed readers.

All prices exclude GST unless otherwise stated. Errors and omissions excepted.
© Copyright Lounge Network 2001-2010