<<< Date Index >>>     <<< Thread Index >>>

Re: Sql Injection in wordpress 2.3.1



Wordpress 2.3.1 converts the 'p' parameter to an integer.

query.php line 449:
$qv['p'] =  (int) $qv['p'];

So there is no exploit possibility.