Support » Requests and Feedback » SQL Injection in WordPress

SQL Injection in WordPress

  • Is anyone else aware that you can bypass authentication in WordPress by using SQL Injection? Can we get this fixed soon please?

Viewing 5 replies - 1 through 5 (of 5 total)
  • Well thanks for telling the whole world.

    If you think you’ve found a security problem feel free to email me at any time. I would email you, but the address you used to register is fake.

    Hmm… I think I jumped the gun… I’ve tested this and I’m not seeing a problem. Sorry. My bad.
    From a recent Nessus scan:
    . Vulnerability found on port http (80/tcp) :
    The following URLs seem to be vulnerable to various SQL injection
    techniques :
    /index.php?submit=Search&cat=1&m=’ or 1=1–&p=11&s=&
    /index.php?submit=Search&cat=1&m=’ or ‘a’=’a&p=11&s=&
    /index.php?submit=Search&cat=1&m=’) or (‘a’=’a&p=11&s=&
    An attacker may exploit this flaws to bypass authentication
    or to take the control of the remote database.
    Solution : Modify the relevant CGIs so that they properly escape arguments
    Risk Factor : Serious
    See also : http://www.securiteam.com/securityreviews/5DP0N1P76E.html

    It seems to be all about MS SQL, not MySql, at least the linked page is all about it.

    We sanitize all those variables, so it shouldn’t be a problem. If you do find any problems, be sure to contact the developers in a prompt manner.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘SQL Injection in WordPress’ is closed to new replies.