[wp-hackers] Forum Post

Ryan Boren ryan at boren.nu
Mon May 23 22:41:12 GMT 2005


On Mon, 2005-05-23 at 16:21 -0400, Robert Deaton wrote:
> BTW, as far as exploits on the 1.5 codebase, there was one, an SQL
> Injection vunerability in wp-trackback.php. Although not easily
> exploitable, it still exist(ed). I don't remember if this got fixed or
> not, but I do remember seeing it on the gentoo bug tracker

http://trac.wordpress.org/changeset/2556#file3

That diff took care of a tb_id vulnerability, which is the only
wp-trackback related vulnerability that I am aware of.

Ryan



More information about the wp-hackers mailing list