• Resolved Zeeshan Khan

    (@web_micro)


    Today I scanned my website using the OWASP ZAP scanner, and the scanner report shows that there is a SQL injection in wp-login.php.
    Below are the URL and attack that it generated in the report.
    URL – /wp-login.php?action=lostpassword
    Parameter – wp-submit
    Attack – Get New Password’ OR ‘1’=’1

    Please help me: how can I mitigate this SQL injection?
    Thanks.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    I think it’s unlikely that a “vulnerability” that’s visible through an automated scanner like this hasn’t been thoroughly investigated by the WP security team — it’s almost certainly a false positive.

    It’s quite difficult to find vulnerabilities in WordPress core these days. When the code base was younger, you may have had a chance of finding a vulnerability with an automated scanner. But these days it’s mature and the way we find vulnerabilities is by doing really close code analysis and coming up with hypotheses, and then testing them until we break something.

    I’m not suggesting it’s impossible that you’d find something with an automated scanner – just not that likely – so I’m with @sterndata on this one.

    I haven’t had a look at this specific issue, but based on some replies on the WP slack #forums channel, it looks like this is a false positive.

    Mark.
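A first check before escalating a scanner finding like this one, as an added example that is not from the thread, from ZAP or from WordPress: compare the response the scanner received for its probe against a baseline response for the same page, after masking tokens that legitimately change on every request, and look for database error text in the probe response. A page that is identical after masking, with no error text, is the usual shape of a false positive; a page containing a database error message is the shape that needs real investigation. The sample HTML bodies, the `_wpnonce` field and the timestamp comment are constructed for this example and do not reproduce the real wp-login.php output.

```python
import difflib
import re

# Constructed sample responses (not captured from a real site). Each stands in
# for the body of /wp-login.php?action=lostpassword: once for a normal request
# and once for the scanner's probe request.
BASELINE_BODY = """<!DOCTYPE html><html><body>
<!-- rendered 2024-03-01T10:15:00Z -->
<form name="lostpasswordform" id="lostpasswordform" method="post"
      action="https://example.test/wp-login.php?action=lostpassword">
  <input type="text" name="user_login" id="user_login" value="">
  <input type="hidden" name="redirect_to" value="">
  <input type="hidden" name="_wpnonce" value="9c1f3e2a5b">
  <input type="submit" name="wp-submit" id="wp-submit" value="Get New Password">
</form></body></html>"""

# The same page as served to the probe: only the nonce and the timestamp
# changed, which is exactly what a byte-for-byte comparison would flag.
PROBE_BODY = (BASELINE_BODY
              .replace("10:15:00Z", "10:15:02Z")
              .replace("9c1f3e2a5b", "4d7b0a9e1c"))

# A constructed response carrying a database error message, to exercise the
# branch that must not be dismissed as noise.
ERROR_BODY = BASELINE_BODY.replace(
    "<form ",
    '<div class="error">WordPress database error: You have an error in '
    'your SQL syntax</div>\n<form ')

# Tokens expected to differ between two requests for the same page
# (hypothetical patterns for the constructed sample; extend per site).
VOLATILE = [
    (re.compile(r'(name="_wpnonce" value=")[0-9a-f]+(")'), r"\1NONCE\2"),
    (re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z"), "TIMESTAMP"),
]

# Strings a database error would leave in a page body.
DB_ERROR_SIGNATURES = (
    "WordPress database error",
    "You have an error in your SQL syntax",
    "mysql_fetch",
)


def normalize(body):
    """Split into stripped, non-empty lines with volatile tokens masked."""
    lines = []
    for line in body.splitlines():
        for pattern, replacement in VOLATILE:
            line = pattern.sub(replacement, line)
        line = re.sub(r"\s+", " ", line).strip()
        if line:
            lines.append(line)
    return lines


def raw_differs(baseline, probe):
    """The naive comparison: do the two bodies differ at all?"""
    return baseline != probe


def diff_lines(baseline, probe):
    """Lines that still differ once volatile tokens are masked."""
    delta = difflib.unified_diff(normalize(baseline), normalize(probe),
                                 lineterm="", n=0)
    return [line for line in delta
            if line[:1] in "+-" and not line.startswith(("+++", "---"))]


def db_error_signatures(body):
    lowered = body.lower()
    return [sig for sig in DB_ERROR_SIGNATURES if sig.lower() in lowered]


def triage(baseline, probe):
    """Return (verdict, detail) for a scanner finding on this page."""
    errors = db_error_signatures(probe)
    if errors:
        return "investigate", "database error text in probe response: %s" % errors
    changes = diff_lines(baseline, probe)
    if not changes:
        return ("likely false positive",
                "probe response identical to baseline after masking volatile tokens")
    return "investigate", "%d line(s) differ after masking: %s" % (len(changes), changes)


if __name__ == "__main__":
    print("raw bodies differ:", raw_differs(BASELINE_BODY, PROBE_BODY))
    print(triage(BASELINE_BODY, PROBE_BODY))
    print(triage(BASELINE_BODY, ERROR_BODY))
```

The mask list is the part that needs tuning per site: any nonce, CSRF token, cache-buster or timestamp that the page emits will otherwise show up as a "difference" and reproduce the scanner's mistake. Keep the masking narrow, since masking too aggressively would hide a genuine change in the page.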

    Thread Starter Zeeshan Khan

    (@web_micro)

    Thanks for your precious suggestion.
    So you both are saying it looks like a false positive.
    Do you think I should not be worried about this report, as it shows SQL injection in WordPress Core?
    If yes, then I will notify my client about the same.
    Thanks.

  • The topic ‘Zap scanner show sql injection in wp-login.php’ is closed to new replies.