Support » Plugin: Search Light » [Plugin: Search Light] Potential for SQL Attacks

  • Perhaps I have missed something; but there doesn’t seem to be any kind of input sanitisation going on. If you look at the itsas_sqlWhere() and itsas_search() functions, it seems that the SQL queries are being constructed WITHOUT any safeguards against SQL injection attacks.

    Nowhere is $wpdb->prepare() or mysql_real_escape_string() called. If no sanitisation is present, this represents a massive security problem for the plugin users.
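    For readers unfamiliar with the pattern the report is asking for, here is an added example of a parameterised search WHERE-clause builder using $wpdb->prepare() and $wpdb->esc_like(). It is not code from the Search Light plugin; the function name and the title/content search shape are hypothetical.

```php
<?php
// Added example, not code from the Search Light plugin. Every user-supplied
// value reaches the SQL string only through $wpdb->prepare(). Function name
// is hypothetical.

/**
 * Build a parameterised WHERE clause for a multi-term title/content search.
 *
 * @param wpdb     $wpdb  The WordPress database object.
 * @param string[] $terms Raw search terms as typed by the visitor (untrusted).
 * @param string[] $types Requested post types (checked against registered types).
 * @return string  WHERE clause safe to append to a query, or '' if nothing to search.
 */
function example_search_where( $wpdb, array $terms, array $types ) {
    // The unsafe pattern this replaces looks like:
    //   $where = "post_title LIKE '%{$_GET['s']}%'";
    // A single quote in the search box ends the string literal early.

    $clauses = array();
    foreach ( $terms as $term ) {
        $term = trim( wp_unslash( $term ) );
        if ( '' === $term ) {
            continue;
        }
        // esc_like() escapes %, _ and \ so a term cannot widen the LIKE match;
        // the wildcards are added afterwards and prepare() quotes the whole value.
        $like      = '%' . $wpdb->esc_like( $term ) . '%';
        $clauses[] = $wpdb->prepare(
            '(post_title LIKE %s OR post_content LIKE %s)',
            $like,
            $like
        );
    }
    if ( empty( $clauses ) ) {
        return '';
    }

    // Post types are not free text: keep only names WordPress has registered,
    // then still bind them with placeholders so the IN list is never interpolated.
    $types = array_values( array_intersect( $types, get_post_types() ) );
    if ( empty( $types ) ) {
        $types = array( 'post' );
    }
    $placeholders = implode( ', ', array_fill( 0, count( $types ), '%s' ) );
    $type_sql     = $wpdb->prepare( "post_type IN ($placeholders)", $types );

    return 'WHERE ' . implode( ' AND ', $clauses )
        . " AND $type_sql AND post_status = 'publish'";
}
```

    The same rule applies to the ORDER BY and LIMIT parts of a search query: column names should come from a fixed whitelist and numeric offsets should be cast with (int) or bound with %d.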

Viewing 3 replies - 1 through 3 (of 3 total)
  • Mark (podz)
    Support Maven

    Thanks – I’ve closed the plugin so the author – who I will notify – can investigate. It will be back when it is okay.

    Dang, so that’s why the plugin’s page is gone. Can’t blame you. needs a “this plugin has been taken down because…” clause, I’m serious about it 🙁

    Edit: just found the Shortcoder plugin, because of an XSS issue, has been temporarily removed until a new version is issued.
    I’ll insist again: the WordPress project NEEDS a special page to tell that a plugin has been taken down, even if no reason is provided (providing one would be much better, of course, but it would be more work). Treating plugins as if they never existed is definitely the wrong way.

    Please, I’m asking just in case, since the plugin’s dev did nothing in 3 months and his latest blog post regarding the plugin is OOOOOOOOLD…

    Is it allowed to submit a fixed version of the code, or something like that? Is forking recommended instead, or is it downright forbidden?

  • The topic ‘[Plugin: Search Light] Potential for SQL Attacks’ is closed to new replies.