Title: WordPress security and SQL injection attacks
Last modified: August 19, 2016

---

# WordPress security and SQL injection attacks

 *  [wp beginner](https://wordpress.org/support/users/wp-beginner/)
 * (@wp-beginner)
 * [15 years, 1 month ago](https://wordpress.org/support/topic/wordpress-security-and-sql-injection-attacks/)
 * Hello,
 * Overall, SQL injection attacks are an attack vector for any PHP/MySQL driven 
   site. WordPress is not immune to this.
 * I’m looking to create a simple WordPress site with no 3rd-party plugins, no 3rd-
   party themes, and no user comments. The only place the user will be able to type
   anything is into the search box. I would basically download WordPress 3.1 straight
   from wordpress.org and hand-code any slight adjustments to the CSS and html formatting.
   I would use a very long password, probably over 20 characters long with all sorts
   of unusual characters. This password would never get stored on any sort of online
   repository. Nothing like “livepass” or “we’ll remember your password for you”.
   Nothing like that.
 * For the above case, is there any SQL injection attack possibility using the latest
   WP version?
 * It seems that my site would have a very low attack profile.

The topic ‘WordPress security and SQL injection attacks’ is closed to new replies.

 * 0 replies
 * 1 participant
 * Last reply from: [wp beginner](https://wordpress.org/support/users/wp-beginner/)
 * Last activity: [15 years, 1 month ago](https://wordpress.org/support/topic/wordpress-security-and-sql-injection-attacks/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics