[wp-trac] [WordPress Trac] #10841: admin-ajax.php SQL INJECTION!!
WordPress Trac
noreply at wordpress.org
Tue Mar 14 18:30:38 UTC 2017
#10841: admin-ajax.php SQL INJECTION!!
-----------------------------+-------------------------
Reporter: ulgaming | Owner: westi
Type: defect (bug) | Status: closed
Priority: highest omg bbq | Milestone:
Component: Security | Version: 2.8.4
Severity: blocker | Resolution: worksforme
Keywords: sql injection | Focuses:
-----------------------------+-------------------------
Comment (by ravenousravendesign):
I recently had this attempt done to me via the file admin-ajax.php but my
wordfence caught it fortunately. Would love to see the injection code they
used though. I got this message after I wrote an article about "hacking"
and I had a comment come in and as I went to edit my post, I get the
message that wordfence blocked access from an intruder to that file. hmmmm
crazy.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/10841#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list