[wp-trac] [WordPress Trac] #43174: Found Sql Injection On Wordpress 4.9.2
WordPress Trac
noreply at wordpress.org
Mon Jan 29 08:36:55 UTC 2018
#43174: Found Sql Injection On Wordpress 4.9.2
--------------------------+-----------------------------
Reporter: teampoison | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: 4.9.2
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
Hello Wordpress Team,
I Found Sql Injection Vulnreability Of One Of Your Current Wordpress
Version Website.I Send You Vulnreable Url And Wordpress Version Detail Who
I Scan On Online Wordpress Version Checker.
Site Url : https://technologytimes.pk/archive.php?category=Techwire
Vulnreable Url : https://technologytimes.pk/archive.php?category=Techwire'
When I Add ' After The Url Its Show Me Sql Error With Admin Hidden
Directory Details. Fix This Issue On Your Wordpress.
I Send Scrennshot Of This Sql Vulnreability POC.
Thank You,
Wordpress Team
[[Image(https://prnt.sc/i71mmb)]]
[[Image(https://prnt.sc/i71mwy)]]
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43174>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list