Opened 14 months ago

Closed 10 months ago

#20436 closed defect (bug) (invalid)

SQL injection, deleted most of wp_options table

Reported by: kieran.c Owned by:
Priority: normal Milestone:
Component: Database Version: 3.3.1
Severity: critical Keywords:
Cc:

Description (last modified by azaozz)

Don't know the specifics, but my site was hacked through SQL injection in the comment form. Most the wp_options table was deleted.

[edited]

Change History (5)

comment:1   kieran.c14 months ago

  • Component changed from General to Database

comment:2   azaozz14 months ago

  • Description modified (diff)

comment:3   azaozz14 months ago

  • Description modified (diff)

comment:4   azaozz14 months ago

Usually it's not a good idea to post this type of reports on trac. If you suspect WordPress has a bug that would allow this, please email to security@… providing as much information as possible. If you have identified a bug, please include step-by-step description of how to reproduce it.

comment:5   nacin10 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.