Search Light
Potential for SQL Attacks (4 posts)

  1. lachlan.mcdonald
    Posted 4 years ago #

    Perhaps I have missed something; but there doesn't seem to be any kind of input sanitisation going on. If you look at the itsas_sqlWhere() and itsas_search() functions, it seems that the SQL queries are being constructed WITHOUT any safeguards against SQL injection attacks.

    Nowhere is $wpdb->prepare() or mysql_real_escape_string() called. If no sanitisation is present, this represents a massive security problem for the plugin users.

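As an added illustration (not code from the Search Light plugin or from any poster in this thread), the pattern the first post describes: a WHERE clause built by string concatenation, beside the same helper rewritten around $wpdb->prepare(). The function names itsas_sqlWhere() and itsas_search() come from the post; the table name, column names, the search-term parameter and the availability of $wpdb->esc_like() are assumptions.

```php
<?php
// Added example, not the plugin's real code. Assumes a custom table
// {$wpdb->prefix}itsas_index with columns post_id, title and body.

// Pattern the first post describes: the search term is concatenated straight
// into the SQL, so a quote character in $term becomes part of the query's
// structure instead of being treated as data.
function itsas_sqlWhere_unsafe( $term ) {
    return "WHERE title LIKE '%" . $term . "%' OR body LIKE '%" . $term . "%'";
}

// Hardened version: $wpdb->prepare() binds the value through a %s placeholder,
// so it is always quoted and escaped as data. $wpdb->esc_like() (assumed
// available; WordPress 4.0+) also neutralises LIKE wildcards inside the term.
function itsas_sqlWhere_safe( $term ) {
    global $wpdb;
    $like = '%' . $wpdb->esc_like( $term ) . '%';
    return $wpdb->prepare( 'WHERE title LIKE %s OR body LIKE %s', $like, $like );
}

// Search entry point built on the safe helper. The LIMIT is bound with %d,
// which forces the value to an integer.
function itsas_search_safe( $term, $limit = 20 ) {
    global $wpdb;
    $table = $wpdb->prefix . 'itsas_index';  // assumed table name
    $sql   = "SELECT post_id, title FROM {$table} "
           . itsas_sqlWhere_safe( $term ) . ' '
           . $wpdb->prepare( 'LIMIT %d', $limit );
    return $wpdb->get_results( $sql );
}
```

A quick check on a site that ships an affected function is to grep for `$wpdb->query`, `get_results` or `get_var` calls whose SQL string contains `$_GET`, `$_POST` or `$_REQUEST` without an enclosing `prepare()`.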

  2. Mark (podz)
    Support Maven
    Posted 4 years ago #

    Thanks - I've closed the plugin so the author - who I will notify - can investigate. It will be back when it is okay.

  3. Sabinou
    Posted 4 years ago #

    Dang, so that's why the plugin's page is gone. Can't blame you.

    WordPress.org needs a "this plugin has been taken down because..." clause, I'm serious about it :(

    Edit: just found the Shortcoder plugin, because of an XSS issue, has been temporarily removed until a new version is issued.
    I'll insist again: the WordPress project NEEDS a special page to tell that a plugin has been taken down, even if no reason is provided (providing one would be much better, of course, but it would be more work); treating plugins as if they never existed is definitely the wrong way.

  4. Sabinou
    Posted 4 years ago #

    Please, I'm asking just in case, since the plugin's dev did nothing in 3 months and his latest blog post regarding the plugin is OOOOOOOOLD...

    Is it allowed to submit a fixed version of the code, or something like that? Is forking recommended instead, or is it downright forbidden?

Topic Closed

This topic has been closed to new replies.