Make WordPress Core

Opened 3 years ago

Last modified 3 years ago

#51891 new defect (bug)

Multiple xmlrpc attacks after last update

Reported by: attunist's profile attunist Owned by:
Milestone: Awaiting Review Priority: normal
Severity: major Version: 5.5.3
Component: XML-RPC Keywords: needs-patch
Focuses: Cc:



After the latest WP update, I have began noticing an increasing amount of xmlrpc attacks for exploits that reached new peaks some 20 hours ago and without signs of slowing down.

With each attack I am getting the following entry in the error.log :

PHP Warning: call_user_func_array() expects parameter 1 to be a valid callback, array must have exactly two members in /home/.../public_html/wp-includes/class-wp-hook.php on line 289

I have de-activated the majority of the plugins and specifically those updated during the last week but that didn't change the scenery.

I am not a developer, I am a power WP user operating a multisite for a couple of years now and this is the first time I am noticing this aggressive hacking activity (hundreds of different IPs per hour just as to avoid immediate blacklisting). Also this is the first time I am opening a ticket in

Thank you for your attention.

Change History (2)

#1 @sabernhardt
3 years ago

  • Component changed from General to XML-RPC

#2 @redsweater
3 years ago

It seems unlikely that the increase in unwanted requests is linked to the WordPress update per se. I think these kinds of errors are usually caused by attempts to load the internal files of the WordPress installation directly. I assume these are attack probes but not really sure.

Note: See TracTickets for help on using tickets.