[wp-hackers] WordPress Charset SQL Injection Vulnerability

Jeremy Visser jeremy.visser at gmail.com
Wed Dec 12 09:20:43 GMT 2007


On Tue, 2007-12-11 at 15:57 +1100, DD32 wrote:
> function escape($string) {
>   return addslashes( $string ); // Disable rest for now, causing problems
>   ......
> }

This wouldn't occur if WP was using mysql_real_escape_string(), am I
correct?



More information about the wp-hackers mailing list