WordPress Stats Plugin Vulnerability Plugged

Written by ray on July 31, 2007
Categories: Security Vulnerability

I usually don’t mention WordPress vulnerabilities here, but since I use WordPress and the vulnerable plugin I figured I’d mention it (now that I’m patched).

The WordPress Stats plugin by Automattic (Andy Skelton ) had a critical SQL injection vulnerability that could allow admin credentials to be stolen. The vulnerability was patched in version 1.1.1 and was released July 27th.

I typically turn off (deactivate) plugins before updating them and in this case I had to re-enter the API key when activating the updated plugin.

Site Upgraded to WordPress 2.2
Spam Counts for Week Ending June 24, 2007
Firefox 2.0.0.5 Released
Mozilla Firefox 2.0.0.6 Released
Spam Counts for Week Ending June 3, 2007

Tags: wordpress

Comments are closed.

Categories
- Anti-Spam
- Anti-Spyware
- Anti-Virus
- Commentary
- Mail Clients
- News
- Pop-Up Ads
- Security Vulnerability
- Site News
- Spam
- Summary
- Uncategorized

Archives

WordPress Stats Plugin Vulnerability Plugged

Related Posts:

Categories

Archives