Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
What? A vulnerability in WordPress? But their code is so clean and maintainable, their code base so robust...
-
probably? I don't use wordpress but from rants I conclude it is for sure has any vulnerability you can think of since usually users end up throwing million extension to their websites
-
How are you supposed to fix it when a) word press haven't fixed it and b) it hasn't been disclosed yet (afaik)
I guess there is option c) uninstall? -
C0D4669027yBased on the tweet, it’s not exactly useful holding off with a full disclosure unless you’re a major plugin dev, whom can’t fix there plugins anyway.
Good job 👍 -
It's 2017, how can there still be SQL injection vulnerabilities in such a famous framework ?
-
@Strannch it's still stupidly prevalent, owasp 2017 top 10 still has it near the top spot in their rc2 release
Related Rants
-
rephiscorth38Everyone here ranting about a fucking missing semicolon. I can't remember the last time a missing semicolon wa...
-
CodesNotHot11-Laughed at Gitlab the other day -Accidentally dropped my db today. fuck karma
-
codeclod15When you have a super annoying problem that Google has been unable to help with... But you stumble upon a link...
Guess what? 😱 WordPress has probably an SQL injection vulnerability. Check it out and fix your installations, when more info will be known:
https://twitter.com/ircmaxell/...
undefined
fuck
php
wordpress