[Plugin: WP Security Scan] Bug: Database Security - database.php (2 posts)

  1. KrX
    Posted 7 years ago #

    Bug 1. Function where wp-config.php gets changed.
    Function will replace <b>all</b> instances of $GLOBALS['table_prefix'], even if the value it is replacing is not $table_prefix = 'foobar';
    e.g. New prefix: "foo". If the username is <i>define('DB_USER', 'wp_');</i> (happens to be <i>wp_</i>), the username will also be changed to "foo".
    (Line 141 of database.php)
    Suggestion: make criteria for <i>str_replace</i> include: <i>$table_prefix = '</i> and <i>';</i> like:
    $table_prefix = 'kwapc_';
    // \$ stops PHP from interpolating $table_prefix inside the double-quoted strings
    $line = str_replace("\$table_prefix = '".$GLOBALS['table_prefix']."';", "\$table_prefix = '".$newpref."';", $line);

    Bug 2. MySQL: Rows of table wp_usermeta whose meta_key value == "wp_capabilities" and "wp_metaboxorder_dashboard" do not get changed to the new prefix values.
    This causes WordPress to output errors like "You do not have sufficient permissions to access this page.", especially in administration pages.

  2. erigami
    Posted 6 years ago #

    Uh, can you explain a little bit more about Bug 2? I maintain a plugin that is apparently causing its users problems with a "You do not have sufficient permissions to access this page." message. One of my users pointed me here and I'm curious what the implications of #2 are.
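
The narrower match suggested for Bug 1 and the key rename that Bug 2 calls for, as an added example that is not part of the original posts or the plugin's code. The function names and the sample config are constructed; the two usermeta keys are the ones named in the first post.

```php
<?php
// Added example; function names are hypothetical, sample data is constructed.

// Bug 1: rewrite only the $table_prefix assignment, so another value that
// happens to equal the old prefix (a DB_USER of 'wp_') is left alone.
function replace_table_prefix(string $config, string $old, string $new): string
{
    // Assumption: prefixes are limited to letters, digits and underscores,
    // which also keeps quotes and PHP code out of the rewritten file.
    if (!preg_match('/^[A-Za-z0-9_]+$/', $new)) {
        throw new InvalidArgumentException('invalid table prefix');
    }
    $pattern = '/^(\s*\$table_prefix\s*=\s*)([\'"])'
             . preg_quote($old, '/') . '\2(\s*;)/m';
    $out = preg_replace_callback($pattern, function (array $m) use ($new) {
        return $m[1] . $m[2] . $new . $m[2] . $m[3];
    }, $config, -1, $count);
    if ($out === null || $count !== 1) {
        throw new RuntimeException("expected one assignment, found $count");
    }
    return $out;
}

// Bug 2: usermeta keys that embed the prefix must be renamed with it.
// $suffixes lists the two keys named in the post, minus the old prefix.
function rename_meta_key(string $key, string $old, string $new,
    array $suffixes = ['capabilities', 'metaboxorder_dashboard']): string
{
    foreach ($suffixes as $suffix) {
        if ($key === $old . $suffix) {
            return $new . $suffix;
        }
    }
    return $key; // unrelated keys such as 'nickname' stay as they are
}

$config = "define('DB_USER', 'wp_');\n\$table_prefix = 'wp_';\n";
echo replace_table_prefix($config, 'wp_', 'foo');

foreach (['wp_capabilities', 'wp_metaboxorder_dashboard', 'nickname'] as $key) {
    echo $key, ' -> ', rename_meta_key($key, 'wp_', 'foo'), "\n";
}
```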

