[wp-hackers] 1.5.2 SQL Injection

Podz podz at tamba2.org.uk
Mon Mar 6 15:52:43 GMT 2006



Patrik Karlsson reported that WordPress 1.5.2 makes use of an
insufficiently filtered User Agent string in SQL queries related to
comments posting. This vulnerability was already fixed in the 2.0-series
of WordPress.


An attacker could send a comment with a malicious User Agent parameter,
resulting in SQL injection and potentially in the subversion of the
WordPress database. This vulnerability wouldn't affect WordPress sites
which do not allow comments or which require that comments go through a

Reported in the forums:

There are a lot of people still using 1.5.2
Can this be patched so an upgrade does not have to be the response ?

An announcement is also called for surely ?


More information about the wp-hackers mailing list