- Bug
- Resolution: Fixed
- Blocker
- None
- 2
- Campaigns
- Sprint #90
The (not yet released) campaign exporter functionality has two places that are vulnerable to SQL injection.
exporter-helper.php Line: 33
```php
$wpdb->get_col(sprintf("SELECT meta_value FROM {$wpdb->postmeta} WHERE ( meta_key = '_thumbnail_id' or meta_key = 'background_image_id' ) AND post_id IN(%s)", implode(',', $post_ids)));
```
And :
exporter-helper.php Line: 47
```php
$wpdb->get_col("SELECT post_content FROM {$wpdb->posts} WHERE ID IN( " . implode(',', $post_ids) . " ) AND post_content REGEXP '((wp-image-|wp-att-)[0-9][0-9]*)|\\\\[gallery |shortcake_|href=|src='");
```
Task: Sanitise the SQL
Use the WPDB API to build both queries in sanitised form, so that the values in `$post_ids` are never concatenated into the SQL string. Please create the sanitised SQL queries.
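One way to rewrite both queries, as an added example rather than the plugin's own fix: the `exporter_*` function names are assumptions, and the code assumes WordPress is loaded so that the global `$wpdb` object with `prepare()`, `get_col()`, `postmeta` and `posts` is available. Every id gets its own `%d` placeholder, and the empty-list case is handled because `IN ()` is a SQL syntax error.

```php
<?php
// Added example, not the plugin's own code. Assumes WordPress is loaded so the
// global $wpdb (->prepare(), ->get_col(), ->postmeta, ->posts) is available.

// Build one %d placeholder per id for an IN() clause and return it together
// with the integer-coerced ids, or null when nothing usable is left.
function exporter_id_placeholders(array $post_ids) {
    // intval() turns any injected text into 0, which array_filter() drops.
    $ids = array_values(array_filter(array_map('intval', $post_ids)));
    if (empty($ids)) {
        return null;
    }
    return array(implode(',', array_fill(0, count($ids), '%d')), $ids);
}

// Hardened replacement for the line-33 query.
function exporter_get_image_ids($wpdb, array $post_ids) {
    $built = exporter_id_placeholders($post_ids);
    if ($built === null) {
        return array();
    }
    list($in, $ids) = $built;
    // prepare() binds each %d; the ids never enter the SQL as raw strings.
    $sql = $wpdb->prepare(
        "SELECT meta_value FROM {$wpdb->postmeta}
         WHERE ( meta_key = '_thumbnail_id' OR meta_key = 'background_image_id' )
         AND post_id IN ({$in})",
        $ids
    );
    return $wpdb->get_col($sql);
}

// Hardened replacement for the line-47 query. The REGEXP pattern is a constant
// that contains no '%', so prepare() leaves it untouched.
function exporter_get_media_content($wpdb, array $post_ids) {
    $built = exporter_id_placeholders($post_ids);
    if ($built === null) {
        return array();
    }
    list($in, $ids) = $built;
    $sql = $wpdb->prepare(
        "SELECT post_content FROM {$wpdb->posts} WHERE ID IN ({$in})
         AND post_content REGEXP '((wp-image-|wp-att-)[0-9][0-9]*)|\\\\[gallery |shortcake_|href=|src='",
        $ids
    );
    return $wpdb->get_col($sql);
}
```

Passing the ids as an array to `$wpdb->prepare()` is supported by WordPress and keeps the placeholder count and the value count in step.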