[wp-trac] [WordPress Trac] #43535: sql injection via ajax function
WordPress Trac
noreply at wordpress.org
Tue Mar 13 07:18:16 UTC 2018
#43535: sql injection via ajax function
--------------------------+-----------------------------
Reporter: shinaku | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.9.4
Severity: normal | Keywords:
Focuses: javascript |
--------------------------+-----------------------------
Hey. We found a vulnerability in the file /wp-admin/admin-ajax.php.
It allows you to make an injection into the database. Because of this, the
attackers got access to the data of the admins (and other things) and
installed a miner on the customer's server.
I think this problem needs to be solved in the next patch!
For example: URL: http://exeption.com/wp-admin/admin-ajax.php POST:
"action = click_block & id = 93"
The vulnerable parameter here is "id".
In the event of a badly configured server firewall, as turned out to be the
case with our customer, an attacker can mess things up.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43535>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
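The pattern behind the report, as an added example that is not code from the ticket, the plugin or WordPress core: a hypothetical `click_block` admin-ajax handler that concatenates the `id` parameter into a query, beside a hardened version that enforces a nonce, a capability, an integer type and a prepared statement. The table name, nonce action and capability are assumptions; only the action name and the `id` parameter come from the report.

```php
<?php
// Added illustration, not the plugin's or WordPress core's code.
// Assumes a hypothetical table {$wpdb->prefix}blocks and a hypothetical
// nonce action 'click_block'.

// Vulnerable pattern: the request value goes straight into the SQL string,
// so the caller controls the query's structure, not just a value.
function click_block_vulnerable() {
    global $wpdb;
    $id  = $_POST['id'];                                   // untrusted input
    $sql = "SELECT * FROM {$wpdb->prefix}blocks WHERE id = " . $id;
    $row = $wpdb->get_row( $sql );                         // injectable
    wp_send_json( $row );
}

// Hardened handler: CSRF check, authorization, strict type coercion and a
// placeholder-bound query. %d forces an integer, so no quoting tricks apply.
function click_block_hardened() {
    check_ajax_referer( 'click_block', 'nonce' );          // rejects missing/bad nonce
    if ( ! current_user_can( 'read' ) ) {                  // assumed minimum capability
        wp_send_json_error( 'forbidden', 403 );
    }
    $id = isset( $_POST['id'] ) ? absint( $_POST['id'] ) : 0;
    if ( 0 === $id ) {
        wp_send_json_error( 'invalid id', 400 );
    }
    global $wpdb;
    $row = $wpdb->get_row(
        $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}blocks WHERE id = %d", $id )
    );
    wp_send_json_success( $row );
}

// Register only the hardened handler. The report does not say whether the
// action was reachable by logged-out users; add a wp_ajax_nopriv_ hook only
// if the feature genuinely must work without a session, with the same checks.
add_action( 'wp_ajax_click_block', 'click_block_hardened' );
```

Detection-wise, the vulnerable form is visible in code review as any `$wpdb->get_*`/`query()` call whose SQL string is built from `$_POST`/`$_GET` without `$wpdb->prepare()`; at runtime, admin-ajax.php requests whose `id` value is not a plain integer are the signal to alert on.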