Opened 2 years ago
Last modified 2 years ago
#52178 new defect (bug)
Allowed memory size exhausted / url creates new post entry?
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | 5.6 |
| Component: | Posts, Post Types | Keywords: | reporter-feedback |
| Focuses: | Cc: |
Description
We get repeated bots (across multiple WP sites) hitting a specific URL pattern, they append a query string onto the end of a wordpress URL like this:
https://www.example.com/permalink-to-article?q=user%2Fpassword&name%5B%23markup%5D=id&name%5B%23type%5D=markup&name%5B%23post_render%5D%5B%5D=passthru
This causes a memory exhausted error here:
/wp/wp-includes/post.php at line 773:
} elseif ( is_object( $post ) ) {
if ( empty( $post->filter ) ) {
$_post = sanitize_post( $post, 'raw' );
$_post = new WP_Post( $_post ); ##<--- HERE
} elseif ( 'raw' === $post->filter ) {
$_post = new WP_Post( $post );
} else {
Change History (3)
Note: See
TracTickets for help on using
tickets.
Hi @sgatz! Does this happen when all plugins are deactivated and a default theme is used? I'm unable to recreate the error when I append that query string to a post permalink.