Title: Possible Plugin vulnerability
Last modified: November 1, 2017

---

# Possible Plugin vulnerability

 *  Resolved [treecutter](https://wordpress.org/support/users/treecutter/)
 * (@treecutter)
 * [8 years, 7 months ago](https://wordpress.org/support/topic/possible-plugin-vulnerability/)
 * Hi Sudar
 * Wordpress just released 4.8.3 to plug a SQL injection vulnerability.
 * Here is the blog by the security researcher who seems to have found the vulnerability:
   
   [https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html?source=wordfence](https://blog.ircmaxell.com/2017/10/disclosure-wordpress-wpdb-sql-injection-technical.html?source=wordfence)
 * At the bottom of the blog a contributor has commented :
 * If you want to know if any plugin or theme will may have any trouble you can 
   use the following commands: grep -r ‘$wpdb->prepare’ . | grep ‘$_POST’ grep -
   r ‘$wpdb->prepare’ . | grep ‘$_GET’ grep -r ‘$wpdb->prepare’ . | grep ‘esc_sql’.
 * Running the above returns the $wpdb->prepare statement in the code for your Email
   Log plugin
 * Just thought you might want to look at this, hope it helps, many thanks

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Sudar Muthu](https://wordpress.org/support/users/sudar/)
 * (@sudar)
 * [8 years, 7 months ago](https://wordpress.org/support/topic/possible-plugin-vulnerability/#post-9640404)
 * Thanks for reporting this. I am looking into it right away to see if it needs
   a fix.
 *  [Sudar Muthu](https://wordpress.org/support/users/sudar/)
 * (@sudar)
 * [8 years, 7 months ago](https://wordpress.org/support/topic/possible-plugin-vulnerability/#post-9644103)
 * I have gone through the code and verified that this vulnerability doesn’t affect
   Email Log plugin.
 * Thanks again for sharing the original article.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Possible Plugin vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/email-log/assets/icon-256x256.png?rev=1710920)
 * [Email Log](https://wordpress.org/plugins/email-log/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/email-log/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/email-log/)
 * [Active Topics](https://wordpress.org/support/plugin/email-log/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/email-log/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/email-log/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [Sudar Muthu](https://wordpress.org/support/users/sudar/)
 * Last activity: [8 years, 7 months ago](https://wordpress.org/support/topic/possible-plugin-vulnerability/#post-9644103)
 * Status: resolved