[wp-trac] [WordPress Trac] #46810: WordPress Attack Reaching wp_query parsing - Please Patch!

WordPress Trac noreply at wordpress.org
Fri Apr 5 11:20:25 UTC 2019

#46810: WordPress Attack Reaching wp_query parsing - Please Patch!
 Reporter:  dazamate      |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Query         |    Version:  5.1
 Severity:  major         |   Keywords:  needs-patch
  Focuses:                |
 Hi team,

 First time here posting an issue.

 I posted my problem on stack overflow:


 Someone mentioned they are seeing this issue also and I should probably
 alert you guys.

 I am not sure how to debug this any further, it seems like the attacks are
 doing some tricky url query to try get an array filled malicious code to
 be processed by the wp query engine.

 Check out my stack overflow post, there is also a link to my debug trace

 Let me know if you need me to put any other debug code to log more

Ticket URL: <https://core.trac.wordpress.org/ticket/46810>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list