[wp-hackers] 1.5..1.1 exploit

Mark Jaquith mark.wordpress at txfx.net
Wed Jun 22 13:14:38 GMT 2005


Stefano wrote:

>I got one of my blog hacked tonite, and i got this page with show an
>WordPress <= 1.5.1.1 sql injection "add new admin" exploit.
>
>I'm upgrading it to 1.5.1.2, but not sure if this exploit is still
>open, log of SVN don't mention it (or maybe i'm not able to find it if
>there is an entry about) :)
>
>  
>
Fixing that vulnerability was the reason for the 1.5.1.2 update:
http://wordpress.org/development/2005/05/security-update/


More information about the wp-hackers mailing list