Comments on: WP-DBManager’s vulnerability

By: Erich Riesenberg

Erich Riesenberg — Wed, 14 Apr 2010 01:37:36 +0000

Thank you for this. New to WordPress, love this plug in, must learn about the other vulnerabilities with the other plug ins!

By: Web Developer and LAMP Expert – Shabbir » Blog Archive » WordPress plugins I’m using (cont’d)

Thu, 27 Aug 2009 18:41:13 +0000

[...] That post mentioned that I used WP-DBManager to create a backup of my live database. Though in another post, I talked about the possible vulnerability this plugin’s users may encounter if by any chance [...]

By: Lester Chan

Lester Chan — Fri, 20 Feb 2009 19:56:52 +0000

Just so happen to check out who is linking my blog and stumbled upon here. I am going to add in a check to ensure that the .htaccess file is in the backup folder. If it does not, it will appear a notice on the plugin top and instructions how to fix it.

By: George Serradinho

George Serradinho — Wed, 04 Feb 2009 16:25:49 +0000

Wow, I will make a empty file now.

Thanks for sharing

By: ymm0t

ymm0t — Tue, 13 Jan 2009 10:14:31 +0000

Quite dangerous isn’t it?
Luckily I don’t use that plugin and I think it’s better to backup our DB manually

By: Affiliate Marketing Guy Ron Davies

Affiliate Marketing Guy Ron Davies — Mon, 12 Jan 2009 05:10:47 +0000

Not to worry, your situation is not unique. I find a heck of a lot of WP users go installing plugins “willie nillie” without ever reading the file called “readme.txt” or the like which normally contains important (specifically security) do’s and don’ts for individual plugins.

It is great that you wanted to help others out for sure, but i think you will find most people are pretty carefull about the plugins they install and how they are installed.

Great post!

Ron

By: Kathleen

Kathleen — Wed, 07 Jan 2009 08:02:47 +0000

I’d completely forgotton about directory browsing in general; thanks for the reminder – I’ve just gone on an uploading-index-files spree.