SID 1:45056

Report a false positive

Rule Category

SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.

Alert Message

SERVER-WEBAPP Wordpress wpdb SQL injection attempt

Rule Explanation

This event is generated when an attempt of perform an SQL injection to the Wordpress database, is detected Impact: Web Application Attack Details: This SQL injection is triggered when the $wpdb->prepare method, that Wordpress uses to send SQL queries to its database, receives a set of characters that can lead to the creation of unsafe queries and then allow the injection of unwanted data into the database. Ease of Attack: Medium since it requires an authenticated user to trigger the attack

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2017-16510

Additional Links

wordpress.org/news/2017/10/wordpress-4-8-3-security-release/

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2017-16510
 Loading description