Title: [Plugin: WP Security Scan] Bug: Database Security &#8211; database.php
Last modified: August 19, 2016

---

# [Plugin: WP Security Scan] Bug: Database Security – database.php

 *  [KrX](https://wordpress.org/support/users/krx/)
 * (@krx)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/plugin-wp-security-scan-bug-database-security-databasephp/)
 * Bug 1. Function where wp-config.php gets changed.
    Function will replace <b>all
   </b> instances of $GLOBALS[‘table_prefix’], even if value it is replacing is 
   not $table_prefix = ‘foobar’; e.g. New prefix: “foo”. If the username is <i>define(‘
   DB_USER’, ‘wp_’);</i> (happens to be <i>wp_</i>), the username will also be changed
   to “foo”. (Line 141 of database.php) Suggestion: make criteria for <i>str_replace
   </i> include: <i>$table_prefix = ‘</i> and <i>’;</i> like: $table_prefix = ‘kwapc_’;
   $line = str_replace(“$table_prefix = ‘”.$GLOBALS[‘table_prefix’].”‘;”, “$table_prefix
   = ‘”.$newpref.”‘;”, $line);
 * Bug 2. MySQL: Table wp_usermeta’s whose meta_key value == “wp_capabilities” and“
   wp_metaboxorder_dashboard” do not get changed into the new prefix values.
    This
   causes WordPress to output errors like “You do not have sufficient permissions
   to access this page.”, especially in administration pages.

Viewing 1 replies (of 1 total)

 *  [erigami](https://wordpress.org/support/users/erigami/)
 * (@erigami)
 * [16 years, 7 months ago](https://wordpress.org/support/topic/plugin-wp-security-scan-bug-database-security-databasephp/#post-1130213)
 * Uh, can you explain a little bit more about Bug 2? I maintain [a plugin](http://wordpress.org/extend/plugins/miniposts/)
   that is apparently causing its users problems with a “You do not have sufficient
   permissions to access this page.” message. One of my users pointed me here and
   I’m curious what the implications of #2 are.
 * Thanks,
    e

Viewing 1 replies (of 1 total)

The topic ‘[Plugin: WP Security Scan] Bug: Database Security – database.php’ is 
closed to new replies.

 * In: [Requests and Feedback](https://wordpress.org/support/forum/requests-and-feedback/)
 * 1 reply
 * 2 participants
 * Last reply from: [erigami](https://wordpress.org/support/users/erigami/)
 * Last activity: [16 years, 7 months ago](https://wordpress.org/support/topic/plugin-wp-security-scan-bug-database-security-databasephp/#post-1130213)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics