The famour Feedsmith Feedburner plugin is vulnerable to a CSRF attack that can allow an attacker to completely hijack blog feeds.
Google responded quickly, and a fix is available. The advisory includes a proof of concept exploit: http://blogsecurity.net/wordpress/feedburner-feed-hijacking/ -- DK http://gnucitizen.org/about/dk
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
