[wp-hackers] WordPress Charset SQL Injection Vulnerability

Dino Termini dino at duechiacchiere.it
Sat Dec 15 23:37:56 GMT 2007

Austin Matzko ha scritto:
> example, currently WP calls the wpdb show_errors method in several
> places.  It seems to me that the show_errors object variable should be
> set to false, and the show_errors method should be called only if
> WP_DEBUG is set to true.  
I agree with this, definely! Currently I had to hack my Wordpress in 
order to hide those errors, and show a courtesy message (something more 
user friendly, like "we apologyze for the inconvenience, and will be 
back as soon as possible") to my visitors. I hope next versions of 
Wordpress will include this feature by default.

due chiacchiere <http://feeds.feedburner.com/duechiacchiere>

More information about the wp-hackers mailing list