Plugin is vulnerable to SQL injection exploits | ww.wp.xz.cn

Resolved Dominor Novus
(@dominor-novus)

13 years, 4 months ago

This plugin is potentially vulnerable to SQL injection exploits.

Warning: Missing argument 2 for wpdb::prepare()

Refer here: http://make.ww.wp.xz.cn/core/2012/12/12/php-warning-missing-argument-2-for-wpdb-prepare/

Also, the plugin doesn’t work for me despite following the workarounds.

http://ww.wp.xz.cn/extend/plugins/easy-facebook-share-thumbnails/

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Author hebeisenconsulting
(@hebeisenconsulting)

13 years, 2 months ago

Thank you for posting this and making us aware of the issue. We have worked hard to fix this and other issues in our 1.9 release. Let us know what you think! If you find anything else out of the ordinary, kindly let us know here. We want to get to the bottom of any problems that arise as soon as we can. If you have rated the plugin at 1 star, please let us know why, and we will try our best to change your mind! Thanks! – HC WordPress Plugins

photoMaldives
(@photomaldives)

13 years, 1 month ago

Hi hebeisenconsulting

I am interested in using your plugin, but can you please confirm that this issue has now been fixed in v1.9 ?

Thanks

Plugin Author hebeisenconsulting
(@hebeisenconsulting)

12 years, 12 months ago

Hi @photomaldives. Yes, updating the plugin should resolve the issue. Thanks!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Plugin is vulnerable to SQL injection exploits’ is closed to new replies.

Tags

3 replies
3 participants
Last reply from: hebeisenconsulting
Last activity: 12 years, 12 months ago
Status: resolved