SQL injection vulnerability in Contact Form WordPress
Can allow attacker to create high cpuloads on server basicly in a sense causing a DOS or worse. lol.
Proof of concept code and patch to fix issue provided. Patch only allows up to 99 forms. I hope no one needs more forms than that. If you do …wow. Also WOW upside down spells MOM. Keep that in mind 😉
I looked for authors email but can’t find it.
- The topic ‘SQL injection vulnerability in Contact Form WordPress’ is closed to new replies.