漏洞公告在这:http://www.securityfocus.com/archive/1/521359/30/60/threaded
Trustwave发布的,自己官网也贴了个:https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt

看看最后官方的答复,认为可以忽略。Trustwave避轻就重,还赚了三个CVE,这些漏洞是有场景的:wp没安装过的情况下才可以。来一个个看下。
Continue reading