Opened 11 years ago
Closed 11 years ago
#27105 closed defect (bug) (invalid)
Input validation on wp-includes/SimplePie/Cache/MySQL.php in line 344
| Reported by: | OswaldoMG | Owned by: | |
|---|---|---|---|
| Milestone: | | Priority: | normal |
| Severity: | normal | Version: | 3.5.2 |
| Component: | General | Keywords: | |
| Focuses: | | Cc: | |
Description
SQL Injection
This database query contains a SQL injection flaw. The function call constructs a dynamic SQL query using a variable derived from user-supplied input. An attacker could exploit this flaw to execute arbitrary SQL queries against the database.
Found by a static analysis application.
344 $query = $this->mysql->prepare($sql);
Recommendations: Avoid dynamically constructing SQL queries. Instead, use parameterized prepared statements to prevent the database from interpreting the contents of bind variables as part of the query. Always validate user-supplied input to ensure that it conforms to the expected format, using centralized data validation routines when possible.
Change History (1)
If you're going to submit any more static code analysis tickets, please read the ticket form first:
This is invalid. The query is properly prepared. We also don't use SimplePie's MySQL cache in WordPress anyway.
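As an added illustration (not SimplePie or WordPress code) of the point behind both the reporter's recommendation and the closing comment: a `prepare($sql)` call is only as safe as the `$sql` it receives, so a scanner that flags the call itself cannot tell a properly prepared query from one whose text was built from input. The example uses PDO with an in-memory SQLite table and constructed rows; the function names and the sample keys are hypothetical.

```php
<?php
// Added example: why "prepare($sql)" alone says nothing about injection.
// What matters is whether user input is part of the SQL string or is passed
// as a bound value. Runs stand-alone on PDO's SQLite driver (assumed present).

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE cache (id TEXT PRIMARY KEY, data TEXT)');
$pdo->prepare('INSERT INTO cache (id, data) VALUES (:id, :data)')
    ->execute([':id' => 'feed-1', ':data' => 'cached feed body']); // constructed row

// Pattern a scanner rightly flags: the caller's input is interpolated into
// $sql before prepare(), so prepare() receives a query whose structure the
// input already controls. (Hypothetical function, for contrast only.)
function lookupConcatenated(PDO $pdo, string $id): ?string
{
    $sql = "SELECT data FROM cache WHERE id = '$id'";
    $query = $pdo->prepare($sql);   // same shape as the flagged line 344
    $query->execute();
    $row = $query->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row['data'];
}

// Properly prepared: $sql is a constant with a placeholder, and the input
// reaches the database only as a bound value, never as SQL text.
function lookupBound(PDO $pdo, string $id): ?string
{
    $sql = 'SELECT data FROM cache WHERE id = :id';
    $query = $pdo->prepare($sql);   // also "prepare($sql)", but $sql is fixed
    $query->execute([':id' => $id]);
    $row = $query->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row['data'];
}

// A constructed key containing a single quote: ordinary data to the bound
// version, but it breaks the query structure of the concatenated version.
$normalKey = 'feed-1';
$quotedKey = "feed'1";

var_dump(lookupBound($pdo, $normalKey));         // the cached row
var_dump(lookupBound($pdo, $quotedKey));         // no such key, nothing more
var_dump(lookupConcatenated($pdo, $normalKey));  // fine for benign input...
try {
    lookupConcatenated($pdo, $quotedKey);
} catch (PDOException $e) {
    // ...but the quote became part of the SQL. A syntax error on unusual
    // input is the symptom that input is shaping the query, which is what
    // a real injection finding looks like and what line 344 does not show.
    echo "concatenated form failed: " . $e->getMessage() . "\n";
}
```

When triaging a scanner finding on a `prepare()` call, the check to perform is the one above: trace where `$sql` comes from, and treat the finding as valid only if any of its text is derived from input rather than bound at `execute()`.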