post-page

WP-Stats Plugin Vulnerability

2
responses
by
 
on
January 17th, 2006
in
LinkyLoo

WP-Stats Plugin Vulnerability: An SQL injection vulnerability has been found in the plugin WP-Stats version 2.x where the author parameter is not sanitized before it is used. At the time of writing, I am not sure which WP-Stats Secunia is talking about. However, if you use version 2.x of this plugin, please disable it till a patch is developed.
[EDIT]: See here for the new version that fixes the vulnerability. Thanks Ronald.

heading
heading
2
Responses

 

Comments

  1. Ronald (1 comments.) says:

    It’s gamerz WP-Stats, and the problem is solved.



Trackbacks/Pingbacks

  1. BloggingTom says:

    Sicherheitslcke in WP-Stats Plugin

    Gemss Secunia weist das WordPress Plugin WP-Stats eine Sicherheitslcke auf, der es Angreifern erlaubt, SQL-Code auf dem Server auszufhren:
    Preddy has discovered a vulnerability in WP-Stats, which can be exploited by malicious people to conduct SQL…

Obviously Powered by WordPress. © 2003-2013

page counter
css.php