WordPress Blind SQL Injection Vulnerability

My friend, a Bay Area entrepreneur, had a nasty surprise: his website was defaced. Updating the WordPress content management system to the stable version and resetting the default theme from backup fixed the problem.

So don't forget to keep your WordPress CMS updated to the latest release and secure your WordPress website to avoid such nasty surprises.

The vulnerability affects WordPress version 3.0.4. Malicious script kiddies exploit the remote blind SQL injection vulnerability in comment_post_ID to deface WordPress websites. You can learn more about this vulnerability on packetstorm.
packetstormsecurity.org/files/104989/WordPress-3.0.4-Blind-SQL-Injection.html
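
A defensive check for the parameter named above, as an added example that is not from the original post or from WordPress: it assumes request bodies are available as URL-encoded form strings (for example from a WAF or reverse-proxy audit log) and flags any comment_post_ID that is not a single decimal integer. The function names and the sample records are constructed for illustration.

```python
from urllib.parse import parse_qs

PARAM = "comment_post_ID"  # parameter named in the advisory


def check_body(body: str) -> str:
    """Classify one URL-encoded form body as 'ok', 'absent' or 'suspicious'."""
    fields = parse_qs(body, keep_blank_values=True)
    values = fields.get(PARAM)
    if values is None:
        return "absent"          # request does not carry the parameter at all
    if len(values) != 1:
        return "suspicious"      # repeated parameter: which copy reaches the query?
    value = values[0]
    # A post ID is a plain decimal integer. isascii() rejects Unicode digits
    # that str.isdigit() would otherwise accept; the length cap rejects
    # absurdly long numerals.
    if value.isascii() and value.isdigit() and len(value) <= 20:
        return "ok"
    return "suspicious"          # empty, signed, quoted, or carrying extra tokens


def flag_requests(records):
    """Return (client, decoded values) for every record that needs review."""
    flagged = []
    for client, body in records:
        if check_body(body) == "suspicious":
            flagged.append((client, parse_qs(body, keep_blank_values=True)[PARAM]))
    return flagged


# Constructed sample records: (client address, raw form body).
SAMPLE = [
    ("203.0.113.5", "author=a&comment=nice+post&comment_post_ID=42"),
    ("203.0.113.9", "comment=x&comment_post_ID=42+AND+1%3D1"),
    ("203.0.113.9", "comment=x&comment_post_ID=42&comment_post_ID=7"),
    ("198.51.100.2", "comment=x&comment_post_ID="),
    ("198.51.100.7", "s=search+term"),
]

if __name__ == "__main__":
    for client, values in flag_requests(SAMPLE):
        print(f"review {client}: {PARAM}={values!r}")
```

The same rule (accept only a single decimal integer) is what an application-side input check would enforce before the value is used in a query; here it is applied to logs so that a site owner can spot probing even after updating.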
