I searched and didn’t see any mention of today’s Bugtraq posting on SQL injection. Looks like one is a path disclosure issue, no biggie, but I’m not sure about the other (I don’t yet run WP, so I can’t test- I’m in the pre-install evaluation stage.) The example given for 2.0.5 makes me a bit nervous though. Since I don’t see an obvious place for security stuff, I figured I’d try here- any comments?
The relevant bit:[Edit – code removed. It will be passed on – Podz]
- The topic ‘SQL injection report on Bugtraq’ is closed to new replies.