[wp-hackers] Security Issue Post in Forums
Peter Westwood
peter.westwood at ftwr.co.uk
Thu Sep 7 09:28:19 GMT 2006
On Thu, September 7, 2006 10:07 am, Michael B wrote:
> http://wordpress.org/support/topic/86281?replies=3
>
> This is outside my experience level, and it seems suspect anyway (as Westi
> has already commented), but is leaving the relevant code in the post good
> form?
>
Probably best to strip the code.
The source is here:
http://www.securityfocus.com/archive/1/445374/30/0/threaded
I tried this against my sandbox 2.0.4 install and it didn't do anything.
No sign of SQL inject into any of the database queries as examined from
the dump produced by Ryans excelent dump_queries plugin [1]
westi
--
Peter Westwood <peter.westwood at ftwr.co.uk>
http://blog.ftwr.co.uk
More information about the wp-hackers
mailing list