[wp-trac] Re: [WordPress Trac] #4690: Wordpress options.php SQL Injection Vulnerability
WordPress Trac
wp-trac at lists.automattic.com
Tue Jul 31 21:34:37 GMT 2007
#4690: Wordpress options.php SQL Injection Vulnerability
----------------------------+-----------------------------------------------
 Reporter:  BenjaminFlesch  |       Owner:  anonymous
     Type:  defect          |      Status:  new
 Priority:  high            |   Milestone:  2.3 (trunk)
Component:  Security        |     Version:  2.2.1
 Severity:  major           |  Resolution:
 Keywords:  needs-patch     |
----------------------------+-----------------------------------------------
Changes (by Nazgul):
* keywords: => needs-patch
* priority: highest omg bbq => high
* severity: critical => major
* milestone: => 2.3 (trunk)
Comment:
First, there is a nonce protecting that page, so it can't be exploited
remotely.
Second, you need the "manage_options" capability which by default is only
given to Administrators.
Administrators can do all sorts of "bad things" to their own blog by
design. It should be fixed asap, but isn't critical in my opinion.
--
Ticket URL: <http://trac.wordpress.org/ticket/4690#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
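The two layers the comment relies on (the nonce and the manage_options capability), together with a parameterised query for the write itself, as an added example of an admin form handler written with the current WordPress API; this is illustrative code, not WordPress's own options.php, and the action name, function names and form field names are hypothetical:

```php
<?php
// Added example (not WordPress's own options.php): an admin form handler that
// applies the two defensive layers described in the ticket comment and then
// uses a prepared statement for the database write.

// Hypothetical nonce action used only for this illustration.
define( 'EXAMPLE_NONCE_ACTION', 'example-update-options' );

function example_handle_options_update() {
    global $wpdb;

    // Layer 1: the nonce. check_admin_referer() stops the request unless it
    // carries a valid nonce for this action, so a page on another site cannot
    // drive the request on the admin's behalf ("can't be exploited remotely").
    check_admin_referer( EXAMPLE_NONCE_ACTION );

    // Layer 2: the capability. Only roles granted manage_options (by default
    // Administrators) get past this point.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( __( 'You do not have sufficient permissions to manage options.' ) );
    }

    // Request values are still untrusted input even from an Administrator;
    // never build SQL from them by concatenation. $wpdb->prepare() binds them.
    $option_name  = isset( $_POST['option_name'] ) ? sanitize_key( $_POST['option_name'] ) : '';
    $option_value = isset( $_POST['option_value'] ) ? wp_unslash( $_POST['option_value'] ) : '';

    if ( '' === $option_name ) {
        wp_die( __( 'No option specified.' ) );
    }

    // update_option() is the usual API for this; the raw query is shown only
    // to illustrate parameter binding for a write to the options table.
    $wpdb->query( $wpdb->prepare(
        "UPDATE {$wpdb->options} SET option_value = %s WHERE option_name = %s",
        $option_value,
        $option_name
    ) );
}

// The matching form embeds the nonce that check_admin_referer() verifies.
function example_render_options_form() {
    echo '<form method="post" action="">';
    wp_nonce_field( EXAMPLE_NONCE_ACTION );
    echo '<input type="text" name="option_name" />';
    echo '<input type="text" name="option_value" />';
    submit_button();
    echo '</form>';
}
```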