Make WordPress Core

Opened 4 years ago

Closed 3 years ago

#20436 closed defect (bug) (invalid)

SQL injection, deleted most of wp_options table

Reported by: kieran.c Owned by:
Milestone: Priority: normal
Severity: critical Version: 3.3.1
Component: Database Keywords:
Focuses: Cc:

Description (last modified by azaozz)

Don't know the specifics, but my site was hacked through SQL injection in the comment form. Most the wp_options table was deleted.


Change History (5)

#1 @kieran.c
4 years ago

  • Component changed from General to Database

#2 @azaozz
4 years ago

  • Description modified (diff)

#3 @azaozz
4 years ago

  • Description modified (diff)

#4 @azaozz
4 years ago

Usually it's not a good idea to post this type of reports on trac. If you suspect WordPress has a bug that would allow this, please email to security@… providing as much information as possible. If you have identified a bug, please include step-by-step description of how to reproduce it.

#5 @nacin
3 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed
Note: See TracTickets for help on using tickets.