[wp-hackers] Critical WP Flaw?
ryan at boren.nu
Thu Jul 27 08:20:56 GMT 2006
Computer Guru wrote:
>> Neither does asking about it on mailing lists and forums or reposting
>> with links on your own blogs, but they seem to be the popular things to
>> do these days.
> I agree with the latter, but I'm not asking for full disclosure here in the mailing list, I just want
> 1) Confirmation that it's not BS
See my previous. The problem is with plugins that don't check caps.
> 2) _Official_ threat level, just how serious is it?
If plugins don't check caps, it can be very serious.
> 3) Possible fix dates
Up to plugin authors.
> 4) Most importantly: how did Dr. Dave find out, who knows the dirty details and shouldn't?
You would have to ask them.
More information about the wp-hackers