[wp-hackers] Rethinking check_admin_referer()
peter.westwood at ftwr.co.uk
Tue Apr 18 21:06:05 GMT 2006
Andy Skelton wrote:
> On 4/18/06, David House <dmhouse at gmail.com> wrote:
>> How about this:
>> 1) Admin writes a post.
>> 2) Malicious user leaves a comment with an "image", whose source
>> redirects to http://yoursite.com/wp-admin/post.php?action=delete&post=123
>> 3) Admin logs in
>> 4) Manage -> Comments
>> 5) Post is deleted.
>> No need to be able to create drafts.
> POST method would fix this. Somebody remind me why we are using GET.
Indeed it would.
Maybe this is something that needs working on for a 2.0.3 release?!?
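A model of the check the thread is asking for, as an added example in Python rather than WordPress's own check_admin_referer() code: the delete handler refuses anything a browser would send on behalf of an image fetch (a GET, or any request without a nonce bound to the logged-in user and the exact action). The site secret, the request shape and the parameter names are constructed for this example, and the nonce has no expiry window.

```python
import hashlib
import hmac

# Constructed server-side secret; a real site would use its own salt.
SITE_SECRET = b"constructed-example-secret"


def create_nonce(user_id: int, action: str, secret: bytes = SITE_SECRET) -> str:
    """Nonce tied to the acting user and one specific action, e.g. 'delete-post_123'.
    A third party that can make the admin's browser issue requests cannot
    compute this value without the secret. (Real nonces also expire; omitted here.)"""
    msg = f"{user_id}|{action}".encode()
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:16]


def verify_nonce(nonce: str, user_id: int, action: str, secret: bytes = SITE_SECRET) -> bool:
    expected = create_nonce(user_id, action, secret)
    # Constant-time comparison; encode so non-ASCII input cannot raise.
    return hmac.compare_digest(nonce.encode(), expected.encode())


def handle_delete(request: dict, session_user: int) -> tuple:
    """Server side of post.php?action=delete, returning (status, message).

    request = {"method": "GET"|"POST", "params": {...}}; session_user is the
    user the browser's cookies identify (the admin, in the thread's scenario).
    """
    # An <img src=...> or a redirect can only produce a GET, so the method
    # check alone stops the thread's scenario...
    if request["method"] != "POST":
        return 405, "delete requires POST"
    post_id = request["params"].get("post")
    nonce = request["params"].get("nonce", "")
    # ...and the nonce stops a forged POST (e.g. an auto-submitted form) as well.
    if post_id is None or not verify_nonce(nonce, session_user, f"delete-post_{post_id}"):
        return 403, "missing or invalid nonce"
    return 200, f"post {post_id} deleted"


if __name__ == "__main__":
    # The thread's request, as the admin's browser would send it from an image fetch.
    forged_get = {"method": "GET", "params": {"action": "delete", "post": "123"}}
    print(handle_delete(forged_get, session_user=1))  # (405, 'delete requires POST')
    # The legitimate request from the Manage screen, carrying the user's own nonce.
    good = {"method": "POST", "params": {"post": "123", "nonce": create_nonce(1, "delete-post_123")}}
    print(handle_delete(good, session_user=1))        # (200, 'post 123 deleted')
```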