[wp-trac] [WordPress Trac] #56558: Fatal Error caused by Uncaught TypeError: trim(): Argument #1 ($string) must be of type string, array given in /www/example_website/public/wp-includes/class-wp-query.php:803
WordPress Trac
noreply at wordpress.org
Wed Jul 26 04:27:16 UTC 2023
#56558: Fatal Error caused by Uncaught TypeError: trim(): Argument #1 ($string)
must be of type string, array given in /www/example_website/public/wp-
includes/class-wp-query.php:803
--------------------------+------------------------------
Reporter: rlmc | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Query | Version:
Severity: major | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by brookedot):
This recently came up in `wp-includes/class-wp-query.php:1973` on a site I
was working on. As the site was running WordPress 6.1, I am linking to the
same line in 6.2 but the line number has changed
https://github.com/WordPress/wordpress-develop/blob/6.2/src/wp-includes
/class-wp-query.php#L2011-L2014
The URL passed looks like this:
www.example.com.com/tags/the-tage/?page[%24eq]=1
In this case, some bad actor seems to be trying to brute-force the URL. It
appears the solution may be to add some additional validation on the
`page` query to return if anything but a string on the `trim`.
Looking at the original report though, it seems there may be several
places where adjustments need to be made.
Thoughts?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/56558#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list