[Plugin: Subscribe2] SQL injection vulnerabilities | WordPress.org

Resolved holizz
(@holizz)

13 years, 9 months ago

We found at least one error in our logs because unescaped data was being inserted into an SQL statement (we didn’t exploit it, that’s left as an exercise for the reader). Here’s a patch against v8.3 that should hopefully prevent SQL injection attacks or accidents:

https://gist.github.com/2954136

I haven’t thoroughly tested it, but it’s a bit less vulnerable at least.

Thanks,
Tom Adams
dxw

http://wordpress.org/extend/plugins/subscribe2/

Viewing 2 replies - 1 through 2 (of 2 total)

Matt Robinson
(@mattyrob)

13 years, 9 months ago

Tom / holizz,

Thanks for taking the time to make a code submission. I’ll get patching and testing.

Matt Robinson
(@mattyrob)

13 years, 9 months ago

@tom / holizz,

I’ve added some comments to the github code – I’m testing the changes now but some of the patched code doesn’t fly in PHP 5.2.x so it needed amending. If you get chance have a look and see if you think the changes are okay.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘[Plugin: Subscribe2] SQL injection vulnerabilities’ is closed to new replies.

Tags

2 replies
2 participants
Last reply from: Matt Robinson
Last activity: 13 years, 9 months ago
Status: resolved