[wp-hackers] Another 'WP + SQL injection' post
podz at tamba2.org.uk
Wed Oct 19 16:21:19 GMT 2005
"Okay, this is a major concern for anyone with 'posting by email enabled'.
The warned you that giving out your address is a problem because other
people can post to your blog. That isn't all there is.
In at least my current version of wordpress (1.5.2), the wp-mail.php
page does not sanatize the input received and this leaves your database
open the sql insertion.
Because the layout of the database is easily discovered as a wordpress
data base, hackers could add themselves, remove you, or perform any
other data base function.
Also, this has the unfortunate side effect of preventing emails
containing certain punctuation from being put into the data base(think
quotations) and thuse never getting out of your pop3 box until you
If this hasn't already been addressed in more recent versions, it needs
to be. "
Would someone mind squashing this in the forums please ?
More information about the wp-hackers