Posted 6 months ago #
Ironically, this "security" plugin contains a glaring SQL injection vulnerability which allows anyone to execute arbitrary SQL commands on any site it's installed on, all while avoiding being added to the blacklists or security logs.
Could you provide me with a contact email address please and I'll forward on the details? Feel free to email me at johnbillion at gmail.
John
http://wordpress.org/extend/plugins/ttc-wordpress-security-plugin/
Posted 6 months ago #
John Blackbourn wrote:Could you provide me with a contact email address please and I'll forward on the details? Feel free to email me at johnbillion at gmail.
John
http://herselfswebtools.com/2008/06/wordpress-security-plugin-block-scrapers-hackers-and-more.html
Posted 6 months ago #
The author was informed yesterday and the fix was made within hours.
Please check the latest version as others are now not being served and should be auto-updated.
Posted 6 months ago #
Mark wrote:The author was informed yesterday and the fix was made within hours.
Please check the latest version as others are now not being served and should be auto-updated.
Will this plugin be reinstated into the WordPress plugin depository?
You must log in to post.
