Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

SQL Injection: Wordpress 3.0.2 released

Published: 2010-12-02
Last Updated: 2010-12-02 17:25:16 UTC
by Kevin Johnson (Version: 1)
1 comment(s)

 Wordpress has released a new version, 3.0.2, to fix a SQL injection flaw.  This flaw is in all previous versions of the codebase according to reports, which means that if you are running Wordpress, you must update.  This exploit is possible with author-level permissions but personally I would not depend on this to protect myself.  More information is available here.

1 comment(s)
Diary Archives