Forums

WordPress › Support » Plugins and Hacks

[Plugin: PhotoContest Plugin] Multiple security leaks (2 posts)

  1. Rene Schmidt
    Member
    Posted 1 month ago #

    I did not review the whole plugin, just login.php where I have found a XSS leak and view.php as well as viewimg.php where SQL injection leaks are located. Most propably there are even more leaks as this plugin seems to be from an inexperienced PHP programmer.

    See http://www.reneschmidt.de/wpphotocontest/

  2. frekel
    Member
    Posted 1 month ago #

    Version 1.1 is committed to SVN.
    This should fix the mentioned issues.

Reply

You must log in to post.

About this Topic

Tags