Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#46810 closed defect (bug) (duplicate)

WordPress Attack Reaching wp_query parsing - Please Patch!

Reported by: dazamate's profile dazamate Owned by:
Milestone: Priority: normal
Severity: major Version: 5.1
Component: Query Keywords:
Focuses: Cc:

Description

Hi team,

First time here posting an issue.

I posted my problem on stack overflow:

https://stackoverflow.com/questions/55528704/how-to-stop-this-wordpress-query-attack

Someone mentioned they are seeing this issue also and I should probably alert you guys.

I am not sure how to debug this any further, it seems like the attacks are doing some tricky url query to try get an array filled malicious code to be processed by the wp query engine.

Check out my stack overflow post, there is also a link to my debug trace file.

Let me know if you need me to put any other debug code to log more details.

Change History (2)

#1 @knutsp
6 years ago

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #17737.

Hello @dazamate

Welcome to Trac! There is already an issue tracking this.

#2 @Clorith
6 years ago

  • Keywords needs-patch removed
  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.