It’s 2024, and paid #WordPress plugins still have trivial SQL injection vulnerabilities like it’s 2004.
I hope that by 2034 PHP developers will learn how to use prepared statements and sanitize SQL inputs.
https://arstechnica.com/security/2024/04/hackers-make-millions-of-attempts-to-exploit-wordpress-plugin-vulnerability/#p3
Fabio Manganiello /
npub13u…dpvgs
2024-04-26 19:59:37
Author Public Key
npub13uunvh7djw9ep54nswkuxlneyee7ehcpc7e53t68krykrdeg6j4qrdpvgsPublished at
2024-04-26 19:59:37Event JSON
{
"id": "d2e2e7a31b6d9cf4751ecee0b25888e68f29e8f75bc84f7089629e40f68b4d9e",
"pubkey": "8f39365fcd938b90d2b383adc37e792673ecdf01c7b348af47b0c961b728d4aa",
"created_at": 1714161577,
"kind": 1,
"tags": [
[
"t",
"wordpress"
],
[
"proxy",
"https://manganiello.social/objects/b079b0b7-5130-41ed-ace8-03da7bfd0403",
"activitypub"
]
],
"content": "It’s 2024, and paid #WordPress plugins still have trivial SQL injection vulnerabilities like it’s 2004.\n\nI hope that by 2034 PHP developers will learn how to use prepared statements and sanitize SQL inputs.\n\nhttps://arstechnica.com/security/2024/04/hackers-make-millions-of-attempts-to-exploit-wordpress-plugin-vulnerability/#p3",
"sig": "ab62f02a35fb2b0186684b4d63eed153fe8a5e33fa1730ea24d2975930631278f1a12376a120d470aabd38c8bbec6a306c011c339ecde0a23dfc13cccfc72b47"
}