Opened 9 years ago
Closed 7 years ago
#38829 closed defect (bug) (worksforme)
Message error posting the username and database name of the WP installation
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Priority: | normal | |
| Severity: | normal | Version: | |
| Component: | Database | Keywords: | |
| Focuses: | Cc: |
Description
Under severe load, MySQL is not responsive and WordPress shows a message "Can’t select database” showing the username and database name from the wp-config file.
This vulnerability could be leveraged by an attacker to assist in performing a brute force or dictionary attack against the database.
Change History (3)
#2
@
9 years ago
@pento
Hello Gary,
I can confirm that it is set to false.
I believe that I can replicate the condition.
While today I'm on the road, we can schedule some time for you to verify in the coming days.
Alvaro Gilabert aka mailcatala
#3
@
7 years ago
- Keywords reporter-feedback removed
- Milestone Awaiting Review deleted
- Resolution set to worksforme
- Status changed from new to closed
Hi @mailcatala,
Sorry that this fell by the wayside. I am unable to reproduce this issue today with the latest version of WordPress. I am going to close this out, but if you are still able to reproduce this issue, please re-open with more details.
Thank you for the ticket, @mailcatala!
This error should only be displaying if
WP_DEBUGis set totruein yourwp-config.php- could you confirm that this is the case? If so, this is expected behaviour,WP_DEBUGshould not be enabled in production.