[wp-hackers] corrupt wp-options a possible security risk
Melvin Rivera
melvitax at me.com
Tue Dec 2 20:47:45 GMT 2008
over the last week, i've had two blogs go down with a corrupt wp-
options. i am not sure if the cause was part of a 2.7 beta bug or not
but i think it is a possible security risk.
since wordpress could could not get any info out of the options
table, it assumed it was a new installation and allowed for someone
to enter a blog name and create an admin account. once i fixed the wp-
options table went into admin and deleted that account but i was just
lucky i noticed this right away.
the question is:
is it possible to add some sort database table health check before
assuming it is a new installation of wordpress?
melvin
More information about the wp-hackers
mailing list