WordPress.org

Ready to get started?Download WordPress

Forums

Security issue with GeSHi library (4 posts)

  1. Grimmwolf
    Member
    Posted 8 years ago #

    I read in an article, that there is a problem with the GeSHi libary, that is in use in WordPress: (German)
    http://www.heise.de/newsticker/meldung/64410
    Here in an in-depth description: (english)
    http://securityreason.com/achievement_securityalert/23

    Is there any way to fix it in wordpress?
    Quote:
    "We can read config.php in PostNuke where we have login, password, dbname and dbhost.
    All variables needed to log in to database."

    Grimmwolf

  2. GeSHi is not used in WordPress core code.

    I guess the usage of it referred to would be the GeSHi bacsed Syntax Highlighter plugin

    I suggest you contact the plugin author for help.

  3. Grimmwolf
    Member
    Posted 8 years ago #

    Thank you for the clarification. :)

  4. More info on protecting against this can be found here:

    http://comox.textdrive.com/pipermail/wp-hackers/2005-October/002785.html

Topic Closed

This topic has been closed to new replies.

About this Topic