[wp-hackers] Another 'WP + SQL injection' post

Podz podz at tamba2.org.uk
Wed Oct 19 16:21:19 GMT 2005

"Okay, this is a major concern for anyone with 'posting by email' enabled.
They warned you that giving out your address is a problem because other 
people can post to your blog. That isn't all there is.
In at least my current version of WordPress (1.5.2), the wp-mail.php 
page does not sanitize the input received and this leaves your database 
open to SQL insertion.
Because the layout of the database is easily discovered as a WordPress 
database, hackers could add themselves, remove you, or perform any 
other database function.

Also, this has the unfortunate side effect of preventing emails 
containing certain punctuation from being put into the database (think 
quotations) and thus never getting out of your POP3 box until you 
delete them.

If this hasn't already been addressed in more recent versions, it needs 
to be."


Would someone mind squashing this in the forums please?
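The two symptoms in the quoted report (the database being open to injection, and mails containing quotation marks never making it into the database) have the same root cause: mail text being pasted into an SQL string. The following is an added illustration, not code from WordPress or from anyone on this thread; it uses Python and an in-memory SQLite table with an assumed two-column `posts` schema in place of WordPress's PHP/MySQL layer, and a constructed sample mail. It shows the concatenated INSERT failing on an apostrophe and the parameterised INSERT storing the same text intact.

```python
import sqlite3

# Constructed sample mail as a (subject, body) pair. The apostrophe in the
# subject is the kind of punctuation the report above says never reaches
# the database.
SAMPLE_MAIL = ("It's a test post",
               'Body with "double quotes" and an apostrophe: don\'t')


def make_db():
    """Create an in-memory table loosely shaped like a posts table (assumed schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE posts (id INTEGER PRIMARY KEY, subject TEXT, body TEXT)")
    return conn


def insert_post_unsafe(conn, subject, body):
    """Build the INSERT by string concatenation, the pattern the report describes.

    Any quote character in the mail ends the SQL string literal early, so the
    statement either fails (the 'mail stuck in the POP3 box' symptom) or, with
    other content, is reinterpreted by the database as SQL.
    """
    sql = ("INSERT INTO posts (subject, body) VALUES ('"
           + subject + "', '" + body + "')")
    conn.execute(sql)
    conn.commit()


def insert_post_safe(conn, subject, body):
    """Hand the values to the driver as bound parameters.

    Bound parameters are never parsed as SQL, so quotes (or anything else) in
    the mail are stored verbatim and cannot change the statement.
    """
    conn.execute("INSERT INTO posts (subject, body) VALUES (?, ?)",
                 (subject, body))
    conn.commit()
    return conn.execute(
        "SELECT subject, body FROM posts ORDER BY id DESC LIMIT 1").fetchone()


def demo():
    """Return (unsafe_failed, stored_row) for the constructed sample mail."""
    conn = make_db()
    unsafe_failed = False
    try:
        insert_post_unsafe(conn, *SAMPLE_MAIL)
    except sqlite3.Error:
        # The apostrophe in the subject breaks the concatenated statement.
        unsafe_failed = True
    stored = insert_post_safe(conn, *SAMPLE_MAIL)
    conn.close()
    return unsafe_failed, stored


if __name__ == "__main__":
    failed, row = demo()
    print("concatenated INSERT failed on punctuation:", failed)
    print("parameterised INSERT stored:", row)
```

Escaping each field before concatenation would also have stopped the 1.5.2 failure, but bound parameters are the simpler fix to get right because there is no per-field step to forget.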

