• Resolved fefed222

    (@fefed222)


    Hello,

    i don’t think it’s a problem but, Wordfence send me a notification of a Blocked for SQL Injection in query string

    here is a sample :
    uin 26, 2026 6:04am  36.133.36.177 (China)     Blocked for SQL Injection in query string: sdm_process_download = 1′ AND 1075=(SELECT UPPER(XMLType(CHR(60)||CHR(58)||CHR(113)||CHR(98)||CHR(122)||CHR(122)||CHR(113)|…

    Can you check in your side.

    Best regards

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor mbrsolution

    (@mbrsolution)

    Thank you for reaching out to us. Does your downloads have any type of protection? Or is it a free download offer?

    Kind regards.

    Thread Starter fefed222

    (@fefed222)

    They are public. not protected.
    Last version of module is installed.
    Best regards

    • This reply was modified 1 week, 3 days ago by fefed222.
    Plugin Contributor mbrsolution

    (@mbrsolution)

    Thank you for sharing that information. I am thinking that perhaps your site has been targeted. I suggest that you now try to have a simple type of protection for your downloads to see what happens. The following documentation can help you.

    https://simple-download-monitor.com/how-to-password-protect-your-wordpress-downloads/

    Let me know if this helps you.

    Kind regards.

    Plugin Contributor Ruhul

    (@tips-and-tricks-hq)

    Thanks for flagging this. There’s nothing to be alarmed about here, what you’re seeing is a generic, automated SQL injection probe, not a successful breach.

    Bots constantly scan WordPress sites and throw thousands of these injection payloads at known plugin parameters (in this case sdm_process_download) just to see if anything sticks. The fact that Wordfence blocked it means your protection is doing exactly what it should. Importantly, the plugin sanitizes its query inputs, so these attempts wouldn’t succeed against the download parameter even if Wordfence weren’t in front of them.

    As long as the site is functioning normally and you’re on the latest plugin version (which you’ve confirmed), there’s no action you need to take. This kind of background noise is routine for any public-facing site.

    Thread Starter fefed222

    (@fefed222)

    Hello,

    thanks for your feedback.

    best reagrds

Viewing 5 replies - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.