[wp-hackers] corrupt wp-options a possible security risk

Melvin Rivera melvitax at me.com
Tue Dec 2 20:47:45 GMT 2008


over the last week, i've had two blogs go down with a corrupt wp- 
options. i am not sure if the cause was part of a 2.7 beta bug or not  
but i think it is a possible security risk.

since wordpress could could not get any info out of the options  
table,  it assumed it was a new installation and allowed  for someone  
to enter a blog name and create an admin account. once i fixed the wp- 
options table went into admin and deleted that account but i was just  
lucky i noticed this right away.

the question is:
is it possible to add some sort database table health check before  
assuming it is a new installation of wordpress?

melvin


More information about the wp-hackers mailing list