[wp-trac] [WordPress Trac] #43174: Found Sql Injection On Wordpress 4.9.2

WordPress Trac noreply at wordpress.org
Mon Jan 29 08:44:07 UTC 2018


#43174: Found Sql Injection On Wordpress 4.9.2
--------------------------+------------------------------
 Reporter:  teampoison    |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Security      |     Version:  4.9.2
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:
--------------------------+------------------------------

Comment (by Clorith):

 Hi there, and welcome to Trac.

 We encourage responsible disclosure through our HackerOne project page at
 https://hackerone.com/wordpress

 I'm going to be very stern in my words, did you completely ignore the big
 warnings not to post potential security vulnerabilities to Trac, you even
 have to explicitly acknowledge that you are not doing so?

 This ticket will be removed to protect any parties involved, this is not a
 confirmation of there being an issue, but a precaution taken to any ticket
 created concerning security, please follow up with a report on HackerOne
 if you feel it's a legitimate issue.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/43174#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list