SQL query leak | ww.wp.xz.cn

Resolved jsvini
(@jsvini)

6 years, 1 month ago

Why is the ajax search returning the SQL query?

View post on imgur.com

Viewing 4 replies - 1 through 4 (of 4 total)

Plugin Author ILLID
(@mihail-barinov)

6 years, 1 month ago
Hello,

It is for debug purposes. If you want to hide it please use following code snippet
```
add_filter( 'aws_search_results_all', 'my_aws_search_results_all' );
function my_aws_search_results_all( $result_array ) {
    unset( $result_array['sql'] );
    return $result_array;
}
```
panda
(@alejorostata)

6 years, 1 month ago

is it Enabled by default?

Thread Starter jsvini
(@jsvini)

6 years, 1 month ago

@alejorostata yes it is enabled by default.

@mihail-barinov this is a security and performance issue.

Since this plugin have 40,000+ active installations a CVE ID has been assigned to track this vulnerability: CVE-2020-12070

Plugin Author ILLID
(@mihail-barinov)

6 years, 1 month ago

Fix in latest version

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘SQL query leak’ is closed to new replies.

4 replies
3 participants
Last reply from: ILLID
Last activity: 6 years, 1 month ago
Status: resolved