Make WordPress Core

Opened 5 years ago

Last modified 5 years ago

#49669 new defect (bug)

Duplicate comments from the same user could be inserted to the database

Reported by: caseqiu's profile caseqiu Owned by:
Milestone: Awaiting Review Priority: normal
Severity: minor Version: 5.4
Component: Comments Keywords:
Focuses: Cc:

Description

In file wp_includes/comment.php function wp_new_comment, it first checks if the comment content submitted by the user already exists in the database (in wp_allow_comment) and then inserts the comment. When race condition happens, it could happen that the server handles two requests of submitting a comment with the same content from the same user and both pass the wp_allow_comment check, resulting in duplicate comments from the same user is inserted to the database.

Change History (1)

#1 @SergeyBiryukov
5 years ago

  • Component changed from General to Comments
Note: See TracTickets for help on using tickets.