Title: [Plugin: WP-DBManager] Security alert! Last modified: August 19, 2016 --- # [Plugin: WP-DBManager] Security alert! * [Joakim Jardenberg](https://wordpress.org/support/users/jardenberg/) * (@jardenberg) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/) * [http://andreasviklund.com/share/security-alert-wp-dbmanager-plugin-for-wordpress/](http://andreasviklund.com/share/security-alert-wp-dbmanager-plugin-for-wordpress/) * Deactivate now! Further info is sent to Lester. * Stay tuned. * [http://wordpress.org/extend/plugins/wp-dbmanager/](http://wordpress.org/extend/plugins/wp-dbmanager/) Viewing 8 replies - 1 through 8 (of 8 total) * Plugin Author [Lester Chan](https://wordpress.org/support/users/gamerz/) * (@gamerz) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058392) * Fixed: [http://lesterchan.net/wordpress/2011/05/01/wp-dbmanager-2-61/](http://lesterchan.net/wordpress/2011/05/01/wp-dbmanager-2-61/) * Thread Starter [Joakim Jardenberg](https://wordpress.org/support/users/jardenberg/) * (@jardenberg) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058394) * Excellent work! Thanks a million. * [Vijay Padiyar](https://wordpress.org/support/users/vijaypadiyar/) * (@vijaypadiyar) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058419) * Hi Lester * Could I also request you to update all calls to get_bloginfo(‘name’) or get_option(‘ blogname’) to go through wp_specialchars_decode()? Because otherwise it creates display problems in blogs that have an apostrophe in the blog name. This character is displayed wierdly in backup emails. * For instance, I have changed below lines in your files wp-dbmanager.php and database- manage.php as follows: * $mail_subject = sprintf(__(‘%s Database Backup File For %s’, ‘wp-dbmanager’), wp_specialchars_decode(get_option(‘blogname’)), $file_date); * This fixed my problem. Can you please make this change in your codebase itself? * Thanks * Vijay Padiyar * Plugin Author [Lester Chan](https://wordpress.org/support/users/gamerz/) * (@gamerz) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058487) * Vijay: Sure thing! Will add it in on 2.62 * [graphitegolem](https://wordpress.org/support/users/graphitegolem/) * (@graphitegolem) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058565) * Is this the reason that after I installed it, I got a message saying that my backup files MIGHT be visible to the public, and even after moving the htaccess file and refreshing my browser, I still got that message? * Plugin Author [Lester Chan](https://wordpress.org/support/users/gamerz/) * (@gamerz) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058567) * That has nothing to do with it. Ensure that your htaccess is renamed to .htaccess * Plugin Author [Lester Chan](https://wordpress.org/support/users/gamerz/) * (@gamerz) * [14 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058587) * Vijay: Released! [http://lesterchan.net/wordpress/2011/05/03/wp-dbmanager-2-62/](http://lesterchan.net/wordpress/2011/05/03/wp-dbmanager-2-62/) * [Vijay Padiyar](https://wordpress.org/support/users/vijaypadiyar/) * (@vijaypadiyar) * [14 years, 7 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058686) * Hi Lester * A mistake from my side. We also need to pass ENT_QUOTES to wp_specialchars_decode() to get it to work the way we want here: * wp_specialchars_decode(get_option(‘blogname’),ENT_QUOTES) * Could you please update all calls to wp_specialchars_decode() appropriately? * Thanks * Vijay Viewing 8 replies - 1 through 8 (of 8 total) The topic ‘[Plugin: WP-DBManager] Security alert!’ is closed to new replies. * ![](https://ps.w.org/wp-dbmanager/assets/icon.svg?rev=977538) * [WP-DBManager](https://wordpress.org/plugins/wp-dbmanager/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-dbmanager/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-dbmanager/) * [Active Topics](https://wordpress.org/support/plugin/wp-dbmanager/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-dbmanager/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-dbmanager/reviews/) * 8 replies * 4 participants * Last reply from: [Vijay Padiyar](https://wordpress.org/support/users/vijaypadiyar/) * Last activity: [14 years, 7 months ago](https://wordpress.org/support/topic/plugin-wp-dbmanager-security-alert/#post-2058686) * Status: not resolved