Title: Sql injection on 2.6.2?
Last modified: August 19, 2016

---

# Sql injection on 2.6.2?

 *  [nicola-colonna](https://wordpress.org/support/users/nicola-colonna/)
 * (@nicola-colonna)
 * [17 years, 7 months ago](https://wordpress.org/support/topic/sql-injection-on-262/)
 * Hi all, tonight my wassup plugin alert me on this attempt:
 * [http://www.nicolacolonna.it/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58)](http://www.nicolacolonna.it/index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58)),
   user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/
    [http://www.nicolacolonna.it/index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58)](http://www.nicolacolonna.it/index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58)),
   user_pass,CHAR(58),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/
 * my home page is [http://www.nicolacolonna.it](http://www.nicolacolonna.it). I
   try the link, and the answer is “No page found”. I search in html code but i 
   don’t find any password information.
 * I know sql language, and I understand what the query try to do. It can be dangerous
   in this versione of wordpress (2.6.2)?
 * p.s. sorry for my english, I’m italian!

The topic ‘Sql injection on 2.6.2?’ is closed to new replies.

## Tags

 * [sql injection](https://wordpress.org/support/topic-tag/sql-injection/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 0 replies
 * 1 participant
 * Last reply from: [nicola-colonna](https://wordpress.org/support/users/nicola-colonna/)
 * Last activity: [17 years, 7 months ago](https://wordpress.org/support/topic/sql-injection-on-262/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics