[wp-hackers] Critical WP Flaw?
ryan at ryanduff.net
Thu Jul 27 09:50:58 GMT 2006
Ryan Boren wrote:
> I like to protect all non-idempotent operations with cap checks, even
> when the umbrella check should protect them. I'd suggest creating a
> Subscriber level user on a test blog and then directly enter the URLs
> that load your plugin. Make sure the caps are enforced for all entry
> points to your plugin.
9 emails later... you've wasted a lot of Ryan's time by starting this
thread while he could have actually been productive at fixing the issue.
And we wonder why things don't/can't get done around here.
irc.freenode.net #wordpress #plogger
More information about the wp-hackers