WordPress.org

Make WordPress Core

Opened 14 months ago

Closed 14 months ago

Last modified 14 months ago

#46810 closed defect (bug) (duplicate)

WordPress Attack Reaching wp_query parsing - Please Patch!

Reported by: dazamate Owned by:
Milestone: Priority: normal
Severity: major Version: 5.1
Component: Query Keywords:
Focuses: Cc:

Description

Hi team,

First time here posting an issue.

I posted my problem on stack overflow:

https://stackoverflow.com/questions/55528704/how-to-stop-this-wordpress-query-attack

Someone mentioned they are seeing this issue also and I should probably alert you guys.

I am not sure how to debug this any further, it seems like the attacks are doing some tricky url query to try get an array filled malicious code to be processed by the wp query engine.

Check out my stack overflow post, there is also a link to my debug trace file.

Let me know if you need me to put any other debug code to log more details.

Change History (2)

#1 @knutsp
14 months ago

  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #17737.

Hello @dazamate

Welcome to Trac! There is already an issue tracking this.

#2 @Clorith
14 months ago

  • Keywords needs-patch removed
  • Milestone Awaiting Review deleted
Note: See TracTickets for help on using tickets.