And another critical bug in Wordpress

Thursday, September 13. 2007

Once again Wordpress has released a new update that fixes several security flaws in earlier version. Among the current fixes is a fix for a remote SQL injection. Attacker can get access to account data. I really like the functionality and extensibility of Wordpress. However this constant flow of critical security fixes does not help to raise the level of thrust into the quality of that product. Come on, developers. SQL injections are well known and easy to prevent in 99%. Where is your quality testing?

Posted by Carsten Schlipf Filed under Security.
Comments (0) Trackback (1)
Leave a comment or send a Trackback from your Blog.

Trackbacks


Trackback specific URI for this entry
    Wordpress Ditched - Hello Serendipity
    The last critical bug in Wordpress encouraged me to look for alternatives. A friendly soul in the forum of the Heise Newsticker [de] made me aware of Serendipity. And wow! Serendipity got me! It has a cleaner code base than Wordpress. The history showed d
    Weblog: The Occasional Thoughts of Yaba
    Tracked: Sep 18, 20:49

Comments


    No comments

Add Comment

HTML-Tags will be converted to Entities.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA