[wp-trac] [WordPress Trac] #27492: I am able to hack the website ( http://www.gktw.org/ ) which is NOT my website
WordPress Trac
noreply at wordpress.org
Sun Mar 23 07:48:59 UTC 2014
#27492: I am able to hack the website ( http://www.gktw.org/ ) which is NOT my
website
------------------------------------+-----------------------------
Reporter: ovikassingho | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Login and Registration | Version: trunk
Severity: normal | Keywords:
Focuses: |
------------------------------------+-----------------------------
I am able to hack the website ( http://www.gktw.org/ ) which is NOT my
website.
Steps:
1. Goto the website wordpress login page i.e " http://www.gktw.org/blog
/wp-login.php "
2. Click on " Lost your password? " option
3. Click on " Register " option
OR
Directly Goto Register page i.e
" http://www.gktw.org/blog/wp-login.php?action=register "
4. I entered username as " ovikassingho " & my email id "
ovikassingho at gmail.com " and clicked Register
5. After that I received an email from wordpress regarding my Userid and
Password
So I request you to unlink the website " http://www.gktw.org/ " from my
User ID i.e " ovikassingho " and my email " ovikassingho at gmail.com " , As
I am not the owner of the website " http://www.gktw.org/ "
--
Ticket URL: <https://core.trac.wordpress.org/ticket/27492>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list