SQL Injection Vulnerabilities (3 posts)

  1. richardhewitt
    Posted 8 years ago #

    Security Focus has reported ( http://www.securityfocus.com/bid/28703 ) SQL Injection Vulnerabilities in WordPress, present in wp-comments-post.php.
    The advisory states that WordPress 2.5 is vulnerable.

    I've not seen any other advisories regarding this issue, and cannot find anything in these forums.

    Does anyone know anything about this reported flaw - has it been verified and if so is there a patch? Should we disable comments in live blogs?

    Many thanks,


  2. mylife64
    Posted 8 years ago #

    I thought the report looked a bit sparse. Thanks for clearing that up Otto. :)

Topic Closed

This topic has been closed to new replies.

About this Topic