How to fix SQL Injection bug in versions older than 3.x?

  • Resolved slapbox

    (@slapbox)


    1 year, 10 months ago

    For example, 2.9, 2.10, 2.11; which are still widely in use. Can you please share an example patch for older versions? Versions before 3.x still account for over 40% of the installation base.

    Thanks for the great work.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter slapbox

    (@slapbox)

    (I apologize for the formatting, I can’t seem to make it work with me)

    I looked at the differences between the latest and the vulnerable version prior and I assume the line we need to add is this one? 

    // Limit to only alphanumeric characters, including unicode and spaces.
$new_search = preg_replace( '/[^\pL^\pN\pZ]/', ' ', $new_search );

    So in 2.10.x it would look something like this?

    function edd_ajax_download_search() {
    global $wpdb;

    $search   = esc_sql( sanitize_text_field( $_GET['s'] ) );


    // Limit to only alphanumeric characters, including unicode and spaces.
    $search = preg_replace( '/[^\pL^\pN\pZ]/', ' ', $search );
    • This reply was modified 1 year, 10 months ago by slapbox.
    Plugin Support Mihai Joldis

    (@misulicus)

    Hi @slapbox

    This only affected versions 3.1.0.2 and 3.1.0.3, the issue does not affect any versions prior to 3.1.0.2. It was resolved with the 3.1.0.4 release.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘How to fix SQL Injection bug in versions older than 3.x?’ is closed to new replies.