[wp-forums] thread to watch
Christopher Ross
cross at thisismyurl.com
Mon Sep 13 18:56:50 UTC 2010
I'll say on a security note is that he's not completely wrong albeit difficult to follow. The reason my (primarily government) clients have me rip out a lot of the WP functionality is a potential for exploitation from plugins, although without installing plugins or core updates there's not a real threat. What I suspect his later comments eluded to was that a plugin programmer could fetch the username/password from wp-config.php and in turn the database but, it was hard to follow :)
On 2010-09-13, at 1:17 PM, Rich Pedley wrote:
> I don't know how serious this guy is, but it may be worthwhile keeping an eye on him just in case he is able to do what he says (hah).
>
> http://wordpress.org/support/topic/i-dont-need-help-but-i-have-questions?replies=18#post-1688473
>
> I know esmi has already replied, but you may want to keep an eye on it.
>
> Rich
> _______________________________________________
> wp-forums mailing list
> wp-forums at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-forums
__
Christopher Ross
Toronto 1 (416) 840-5828
Fredericton 1 (506) 474-2708
New Orleans 1 (504) 322 3485
http://christopherross.ca
http://www.thisismyurl.com
More information about the wp-forums
mailing list