I've installed WordPress sometimes ago and check some security issues.
What i've seen its possible SQL injection, because escaping method in wpdb use simple addslashes. If You want read something about this possible injections type this in Google.
function escape($string) {
return addslashes( $string );
// Disable rest for now, causing problems
/*
if( !$this->dbh || version_compare( phpversion(), '4.3.0' ) == '-1' )
return mysql_escape_string( $string );
else
return mysql_real_escape_string( $string, $this->dbh );
*/
}what I suggest to do is below:
function escape($string) {
if ( $this->dbh && function_exists( 'mysql_real_escape_string' ) )
return mysql_real_escape_string( $string, $this->dbh );
elseif ( function_exists( 'mysql_escape_string' ) )
return mysql_escape_string( $string );
else
return addslashes( $string );
}Greetings ;)
...
