WordPress.org

Ready to get started?Download WordPress

Forums

Possible SQL Injection (1 post)

  1. mijobrands
    Member
    Posted 2 years ago #

    Hello there, i am having issue with one of my wordpress installation
    for some reason, i am getting daily insertion into the database without my permission.
    I already change my database password (though that may be an external link with access to my database) but injection is still happening, so i suppose that is something related with feed automation from one file inside my installation.
    This seems to be ghost records, since none of them are displayed into the admin or public part, but can be accessed if you know the url.
    The common thing of all the records, is that they are inserted into a category called aerotank
    For some reason, looking at the wp_options table, i found a record with some rewrite rules that includes conditions for aerotank. But every time i delete the record, a new one is generated.
    Can someone provide an advice
    best,

Topic Closed

This topic has been closed to new replies.

About this Topic