Zap scanner show sql injection in wp-login.php
-
Today i scan my website using OWASP Zap scanner, and scanner report show that there is a SQL injection in wp-login.php.
Below is the URL and attack that they generate in report.
URL – /wp-login.php?action=lostpassword
Parameter – wp-submit
Attack – Get New Password’ OR ‘1’=’1Please help me how can i mitigate this SQL injection.
Thanks.
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘Zap scanner show sql injection in wp-login.php’ is closed to new replies.