Title: SQL injection attempt
Last modified: December 26, 2022

---

# SQL injection attempt

 *  [Rabbit77](https://wordpress.org/support/users/marc59/)
 * (@marc59)
 * [3 years, 5 months ago](https://wordpress.org/support/topic/sql-injection-attempt/)
 * Hello,
 * My site has been the victim of an SQL injection attempt via this plugin.
   The 
   target file is: /plugins/kirki/packages/kirki-framework/module-webfonts/src/Webfonts/
   Downloader.php_mysite.com [Sun Dec 25 00:00:16.798343 2022] [-:error] [pid 166256:
   tid 140154672981760] [client 127.0.0.1:44292] FastCGI: server “/home/clients/
   5ze5riuhA1zeu7eh79u6sd4uzR3uz5u/.config/apache/mysite.com/.fpm/php5.external”
   stderr: /home/clients/5ze5riuhA1zeu7eh79u6sd4uzR3uz5u/web/wp-content/plugins/
   kirki/packages/kirki-framework/module-webfonts/src/Webfonts/Downloader.php on
   line 47PHP message: PHP Warning: array\_keys() expects parameter 1 to be array,
   string given in /home/clients/5ze5riuhA1zeu7eh79u6sd4uzR3uz5u/web/wp-content/
   plugins/kirki/packages/kirki-framework/module-webfonts/src/Webfonts/Downloader.
   php on linexPHP message: PHP Warning: array\_values() expects parameter 1 to 
   be array, string given in /home/clients/5ze5riuhA1zeu7eh79u6sd4uzR3uz5u/web/wp-
   content/plugins/kirki/packages/kirki-framework/module-webfonts/src/Webfonts/Downloader.
   php on line xxxHP message: PHP Warning: Ixxxxxxxxxxxxxxxt ‘[https://fonts.gstatic.com/s/rubik/v23/iqszezeze](https://fonts.gstatic.com/s/rubik/v23/iqszezeze)
   _My web host reacted quickly.Is it possible to set up protections on the plugin
   or on these files?Thanks for your help.

The topic ‘SQL injection attempt’ is closed to new replies.

 * ![](https://ps.w.org/kirki/assets/icon-256x256.jpg?rev=3518366)
 * [Kirki – Freeform Page Builder, Website Builder & Customizer](https://wordpress.org/plugins/kirki/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/kirki/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/kirki/)
 * [Active Topics](https://wordpress.org/support/plugin/kirki/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/kirki/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/kirki/reviews/)

## Tags

 * [sql injection](https://wordpress.org/support/topic-tag/sql-injection/)

 * 0 replies
 * 1 participant
 * Last reply from: [Rabbit77](https://wordpress.org/support/users/marc59/)
 * Last activity: [3 years, 5 months ago](https://wordpress.org/support/topic/sql-injection-attempt/)
 * Status: not resolved