[Plugin: PhotoContest Plugin] Multiple security leaks | WordPress.org

rene-schmidt
(@rene-schmidt)

14 years, 6 months ago

I did not review the whole plugin, just login.php where I have found a XSS leak and view.php as well as viewimg.php where SQL injection leaks are located. Most propably there are even more leaks as this plugin seems to be from an inexperienced PHP programmer.

See http://www.reneschmidt.de/wpphotocontest/

Viewing 1 replies (of 1 total)

frekel
(@frekel)

14 years, 6 months ago

Version 1.1 is committed to SVN.
This should fix the mentioned issues.

Viewing 1 replies (of 1 total)

The topic ‘[Plugin: PhotoContest Plugin] Multiple security leaks’ is closed to new replies.

Tags

In: Plugins
1 reply
2 participants
Last reply from: frekel
Last activity: 14 years, 6 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics