1
votes

I just used OWASP ZAP to scan my page and it detected some vulnerabilities; it shows that my page is not SQL injection resistant. OWASP ZAP shows that by accessing the following URL

/about/?query=query+AND+1%3D1+--+

injection is possible. It is a basic WordPress page where I display information about myself; there is not even an input field that I would use to interact with the database myself. How can I get rid of the injection in such a case? Is that even possible, or is it just something lacking inside the WordPress core?

1 Answer

0
votes

First check to see if it is a real vulnerability. Like all similar tools, ZAP can report some false positives. Look at the details of the alert and then try to see if you can confirm it's a real issue.
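One way to do the confirmation step suggested in the answer above, as an added example that is not part of the original answer: compare the response bodies recorded in the ZAP alert against two plain fetches of the same page, after stripping content that changes on every request. The function names, the `DYNAMIC` patterns, the thresholds and the sample page are assumptions constructed for illustration.

```python
import difflib
import re

# Content that changes on every request and would make two identical pages
# look different (patterns are assumptions; adjust to what your theme emits).
DYNAMIC = [
    re.compile(r'name="_wpnonce" value="[0-9a-f]+"'),
    re.compile(r"\b\d{2}:\d{2}:\d{2}\b"),
    re.compile(r"<!--.*?-->", re.S),
]

# Constructed sample bodies, standing in for responses saved from ZAP.
SAMPLE = ('<html><body><h1>About me</h1><p>I write about gardening and bikes.</p>'
          '<input name="_wpnonce" value="{nonce}"><span>{time}</span></body></html>')
NOT_FOUND = "<html><body><h1>Nothing found</h1></body></html>"

def normalize(body):
    """Remove per-request noise and collapse whitespace."""
    for pattern in DYNAMIC:
        body = pattern.sub("", body)
    return re.sub(r"\s+", " ", body).strip()

def similarity(a, b):
    """Similarity of two normalized bodies, from 0.0 to 1.0."""
    matcher = difflib.SequenceMatcher(None, normalize(a), normalize(b), autojunk=False)
    return matcher.ratio()

def triage(baseline_a, baseline_b, true_resp, false_resp, margin=0.02):
    """Classify a boolean-based SQL injection alert from four response bodies.

    baseline_a/baseline_b: two fetches of the page without the flagged value.
    true_resp/false_resp: the bodies ZAP recorded for its true and false conditions.
    """
    noise = similarity(baseline_a, baseline_b)  # how stable the page is on its own
    if noise < 0.95:
        return "inconclusive: page changes between identical requests"
    if similarity(baseline_a, false_resp) >= noise - margin:
        return "likely false positive: response ignores the injected condition"
    if similarity(baseline_a, true_resp) >= noise - margin:
        return "consistent with injection: review the code that reads the parameter"
    return "inconclusive: both variants differ from the baseline"

if __name__ == "__main__":
    a = SAMPLE.format(nonce="a1b2c3d4", time="10:00:01")
    b = SAMPLE.format(nonce="ffee0011", time="10:00:07")
    print(triage(a, b, b, a))          # page never reacts to the parameter
    print(triage(a, b, b, NOT_FOUND))  # only the false condition changes the page
```

A "consistent with injection" result is a reason to find the theme or plugin code that reads the `query` parameter and check that it uses prepared statements, not proof by itself.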