http://elliottback.com/wp/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/ Internet & Technology Sun, 22 Nov 2009 02:40:56 -0400 http://wordpress.org/?v=2.8.4 hourly 1 http://elliottback.com/wp/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-2168567 Squidoo Builder Sun, 18 Jan 2009 12:05:31 +0000 http://elliottback.com/wp/archives/2007/07/02/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-2168567 Squidoo took good care of that with banning the iframe all together, this is real nasty though you can still see this happening with older WP blogs, they often use these tricks to stuff cookies or something. Squidoo took good care of that with banning the iframe all together, this is real nasty though you can still see this happening with older WP blogs, they often use these tricks to stuff cookies or something.

]]> http://elliottback.com/wp/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-720147 Ken Savage Tue, 03 Jul 2007 05:10:30 +0000 http://elliottback.com/wp/archives/2007/07/02/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-720147 Setting phasers to stun, I'm going in to take a closer look. Ensign Smith will you accompany me? Setting phasers to stun, I’m going in to take a closer look. Ensign Smith will you accompany me?

]]> http://elliottback.com/wp/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-719897 Kenny Tue, 03 Jul 2007 02:06:01 +0000 http://elliottback.com/wp/archives/2007/07/02/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-719897 Whoops.. "Libraries like HTML Purifier are simple enough to use" Whoops.. “Libraries like HTML Purifier are simple enough to use”

]]> http://elliottback.com/wp/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-719896 Kenny Tue, 03 Jul 2007 02:05:18 +0000 http://elliottback.com/wp/archives/2007/07/02/squidoo-xss-exploit-leads-to-wordpress-spam-deluge/#comment-719896 How negligent. Libraries like HTML Purifier simple enough to use -- what plausible reason do they have for allowing that type of markup? How negligent. Libraries like HTML Purifier simple enough to use — what plausible reason do they have for allowing that type of markup?

]]>