Forums

WordPress › Support » Plugins and Hacks

[Plugin: PhotoContest Plugin] Multiple security leaks (2 posts)

  1. Rene Schmidt
    Member
    Posted 3 years ago #

    I did not review the whole plugin, just login.php where I have found a XSS leak and view.php as well as viewimg.php where SQL injection leaks are located. Most propably there are even more leaks as this plugin seems to be from an inexperienced PHP programmer.

    See http://www.reneschmidt.de/wpphotocontest/

  2. frekel
    Member
    Posted 3 years ago #

    Version 1.1 is committed to SVN.
    This should fix the mentioned issues.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags