Hello participants of Mailing List.
First of all, Merry Christmas!
Here is my greeting card for you:
http://mlbpg.narod.ru/bp-flash/x-mas-2011.swf
And here is interesting information for you. After conducting Month of
Search Engines Bugs (http://websecurity.com.ua/category/moseb/) in June 2007
and Month of Bugs in Captchas (http://websecurity.com.ua/category/mobic/) in
November 2007 and many other projects during 2007-2008, I conducted projects
Day of bugs in WordPress in December 2007 and Day of bugs in WordPress 2 in
July 2010.
As I've announced earlier (http://seclists.org/fulldisclosure/2013/Nov/219),
at 30.11.2013 I conducted a Day of bugs in WordPress 3. In this project I've
disclosed many new vulnerabilities in WordPress.
In the first "Day of bugs in WordPress" project I disclosed 81
vulnerabilities in WP, in the second I disclosed 8 interesting
vulnerabilities in WP. And in the third I disclosed 10 new interesting
vulnerabilities in WP.
Here is a summary of results of the project "Day of bugs in WordPress 3"
(http://websecurity.com.ua/6908/). There were disclosed Information Leakage,
Backdoor, Cross-Site Request Forgery, Denial of Service, URL Redirector
Abuse and Cross-Site Scripting vulnerabilities in WP. In December I
translated description of all these vulnerabilities to English to the
Full-Disclosure mailing list.
All these projects lead to improving security of web applications and to
increasing awareness of web developers.
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua