Login should use DB prepare method on user input
|Reported by:||filosofo||Owned by:||anonymous|
|Severity:||normal||Keywords:||wp-login wpdb prepare mysql has-patch|
I noticed that wp-login.php runs DB queries from user-inputted data that is sanitized in an ad hoc manner. If for no other reason than consistency, it seems to me that all such queries should use the prepare method, as this patch does.
Change History (4)
Note: See TracTickets for help on using tickets.