Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

WordPress < 3.1.4 / 3.2-RC3 Multiple Blind SQL Injection Vulnerabilities

Medium

Synopsis

The remote server is hosting an outdated installation of WordPress that is vulnerable to multiple blind SQL injection attacks.

Description

Versions of WordPress prior to 3.1.4 or prior to 3.2-RC3 are susceptible to multiple SQL injection vulnerabilities due to a failure to adequately sanitize user-supplied input prior to using it in database queries.

Solution

Upgrade to WordPress 3.1.4 / 3.2-RC3, or later.