homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Databases
Forum Library, Charter, Moderator: open

Databases Forum

MYSQL Injection Vulnerability in WordPress 3.0
Trying to figure out if anyone has any info on this...

Msg#: 4236898 posted 4:24 pm on Nov 30, 2010 (gmt 0)

Hi all,

Am new to WebmasterWorld, so excuse me if this is in the wrong place. I am creating a new series of blogs for a client utilizing WP and am curious about WordPress 3.0 Multisite..I am sure that it would be efficient for my project(s) but we had a previous security issue with Multisite on a past project. We identified it as a rogue MYSQL injection and rather than search out the offensive code, we just took out Multisite. I have found other reports of this vulnerability but am trying to ascertain how common this is and if there are any fixes available.





10+ Year Member

Msg#: 4236898 posted 6:52 pm on Dec 13, 2010 (gmt 0)

I am curious about this as well.

JAB Creations

WebmasterWorld Senior Member jab_creations us a WebmasterWorld Top Contributor of All Time 10+ Year Member

Msg#: 4236898 posted 7:09 am on Jan 16, 2011 (gmt 0)

I cringe every time I see things posted like WordPress and innerHTML. I can't give you any existing software recommendations other then "not WordPress" as the code in WordPress is to put it in the most pleasant way possible, is ineffably atrocious. I wrote my own blog software according to my own high standards needs and haven't had any of the numerous problems that I had with WordPress; if you can't afford or have the time to develop your own blog software my best recommendation is to at least spend the time looking in to different blog software. I can tell you that if you do decide to move forward with WordPress and your clients decide they want plug-in A to work with theme B that you can expect insane bills to pay for the fixes to the mesh code.

- John

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / Databases
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved