[Full-disclosure] Question about disclosure of WordPress plugin vulnerabilities
Miroslav Stampar
miroslav.stampar at gmail.com
Fri Aug 26 13:08:26 BST 2011
Hi.
Does anybody know what's the general opinion on disclosure of
WordPress plugin vulnerabilities in these two sections:
1) unfiltered string parameter values - while magic_quotes are
automatically turned on on WordPress >= 3.0 [1] installations
2) admin ones (requires access to the restricted admin area)
Kind regards.
References:
[1] http://kovshenin.com/archives/wordpress-and-magic-quotes/
--
Miroslav Stampar
http://about.me/stamparm
Full-Disclosure is hosted and sponsored by Secunia.