[wp-hackers] Forum Post: Security

Mark Ghosh mark at wltc.net
Fri Jun 24 12:13:51 GMT 2005


David House wrote:

>On 6/24/05, Podz <podz at tamba2.org.uk> wrote:
>  
>
>>Maybe some posts that hit the Dashboards are in order ?
>>    
>>
>
>There already is one.
>
><http://wordpress.org/development/2005/05/security-update/>
>
>  
>
The string is used by a perl script that uses the Category security 
vulnerability mentioned in the above dev blog post. I have tried the 
script on "fixed" blogs and the fix holds up. For all those interested 
in the script, please email me. Interestingly, if the wp_ prefix is 
changed to something particular to every user, this can be avoided in 
the future (since the table named will be different for all WP blogs).

Should we add a page in the install process that forces the users to 
choose a unique table prefix?

Mark Ghosh



More information about the wp-hackers mailing list