[wp-hackers] WordPress Charset SQL Injection Vulnerability

Lloyd Budd lloydomattic at gmail.com
Sat Dec 15 22:26:10 GMT 2007


On Dec 15, 2007 1:09 PM, Robin Adrianse <robin.adr at gmail.com> wrote:
> I've never understood why WordPress displays detailed SQL errors in an
> environment that is almost definitely production. Maybe it would be more
> prudent to be able to disable these? If something got changed around I
> wouldn't want my visitors to be seeing paragraphs of SQL errors everywhere.

Hi Robin,

Can you provide some specific examples of these? (bug #s) Generally,
that isn't the case, and my experience has been that they have been
fixed when identified.

Thanks,
Lloyd


More information about the wp-hackers mailing list