post-page

Photo Album Plugin Vulnerabilities

9
responses
by
 
on
February 21st, 2008
in
WordPress Plugins, WordPress Security

S@BUN is at it again, this time, reporting multiple SQL Injection Vulnerabilities within the Photo Album plugin for WordPress. According to the security bulletin:

Multiple vulnerabilities have been identified in Photo Album (plugin for WordPress), which could be exploited by remote attackers to execute arbitrary SQL queries. These issues are caused by input validation errors in the “wppa.php” script when passing user-supplied parameters (e.g. “photo” or “album”) to certain functions (e.g. “wppa_album_name()” or “wppa_photo_name()”), which could be exploited by malicious people to conduct SQL injection attacks.

Multiple security advisory services places this round of vulnerabilities as a Moderate Risk. For example, FrSIRT describes the Moderate risk as being:

Remotely and locally exploitable flaws, which could lead to denial of Service or privilege escalation.

Versions 1.1 and prior of this plugin are vulnerable. As always, it is recommended that you disable this plugin until a patch for it is released.

[EDIT] Version 1.1 is a fix for this vulnerability. Versions 1.0 and prior might be vulnerable.

Related Posts:

 
Tags: , , , , , , , ,



heading
heading

Related Posts:

heading
9
Responses
Comments Feed

 

Comments

  1. LobsterMan says:
    2/21/2008 at 8:56 am

    As the author of the plugin, I’m pretty sure that 1.1 is secure. 1.1 is a security release to fix the issues mentioned. I had a few people contact me about the issues, and I had some people look at the 1.1 code.
    If someone can prove that version 1.1 is vulnerable, please contact me ASAP. if not, please post a clarification.

  2. ChaosKaizer says:
    2/24/2008 at 12:36 am

    @LobsterMan – clarifications, u ever heard of milw0rm. pronto

  3. Otto says:
    2/25/2008 at 8:22 am

    Inaccurate. 1.1 fixes these problems. See the original security advisory here:

    http://secunia.com/advisories/28988/

    Note this:
    Solution: Update to version 1.1.



Trackbacks/Pingbacks

  1. » Vulnerabilità nel Plugin Photo Album » WordPress Italy says:
    2/21/2008 at 4:42 am

    […] : weblogtoolscollection […]

  2. Wp Wordpress » Blog Archive » Photo Album Plugin Vulnerabilities says:
    2/21/2008 at 5:07 am

    […] Read it at the source […]

  3. Vulnerabilities in Photo Album WP Plugin? | Prudence and Madness says:
    2/22/2008 at 2:30 am

    […] you have been doing so, you better read this release from Weblog Tools Collection. It’s been reported that there had been multiple SQL injection vulnerabilities within the […]

  4. Sobre WP » Error de seguridad en parche Photo Album says:
    2/23/2008 at 5:45 am

    […] | Weblog Tools Collection Febrero 23rd, […]

  5. Quasi.Me › Photo Gallery: WPPA says:
    2/23/2008 at 1:51 pm

    […] a creare un album (dice di averlo aggiunto ma … nisba!) e non ho trovato risposte all’allarme sicurezza relativo. Disattivato. This was written by farmando. Posted on Saturday, February 23, 2008, at 11:51 pm. […]

  6. A Mind @ Play says:
    2/23/2008 at 3:26 pm

    […] the news that WordPress Photo Album plugin potentially contains a security vulnerability, I decided it was probably time that I took stock of my increasingly long plugins list and removed […]

Obviously Powered by WordPress. © 2003-2013

css.php