[wp-hackers] Security Vulnerability found - Forum Post

Scott Reilly scottr at gmail.com
Wed Apr 13 20:46:37 GMT 2005

I believe user_level of 5 or higher is required to edit a plugin via
the plugin editor, so this particular approach probably isn't

On 4/13/05, Mark Jaquith <mark.wordpress at txfx.net> wrote:
> >
> They could still just edit a plugin with code that would spit out the
> contents of wp-config.php and then they would have full access to your
> database.

More information about the wp-hackers mailing list