[Plugin: Contact Form 7] SQL Injection | WordPress.org

elwhizard
(@elwhizard)

14 years, 9 months ago

Hi,

Is this plugin vulnerable to SQL injection. Received the information below from the contact form. Thanks in advance for the answers.

Subject: 1 declare @q varchar(8000) select @q = 0x57414954464F522044454C4159202730303A30303A313527 exec(@q) —

Subject: 1 declare @q varchar(8000) select @q = 0x57414954464F522044454C4159202730303A30303A313527 exec(@q) –/n/n

Message Body:/n
1

/n/n

http://wordpress.org/extend/plugins/contact-form-7/

Viewing 1 replies (of 1 total)

Plugin Author Takayuki Miyoshi
(@takayukister)

14 years, 9 months ago

Contact Form 7 is not vulnerable to SQL injection.

Viewing 1 replies (of 1 total)

The topic ‘[Plugin: Contact Form 7] SQL Injection’ is closed to new replies.

1 reply
2 participants
Last reply from: Takayuki Miyoshi
Last activity: 14 years, 9 months ago
Status: not resolved