[wp-hackers] Exploit, or no?

Scott Merrill skippy at skippy.net
Tue Jun 28 17:06:55 GMT 2005

This thread:
was last responded to by Ryan on Saturday.  Since then, some development
work has occured on WordPress in the form of SVN check-ins for Mark
Jaquith's get_id_by_permalink() work.

So, is there a confirmed vulnerability about which we should be
concerned?  If so:
* are there any mitigating circumstances to lessen the threat?
* are there any steps we can take to protect ourselves until an official
update is released?

I'm not trying to be a gadfly; and I'm not trying to rush anything
along.  But I _would_ want to see that thread marked "resolved", so that
regular folks don't worry that 'nothing happens' with regard to
WordPress security.

skippy at skippy.net | http://skippy.net/

gpg --keyserver pgp.mit.edu --recv-keys 9CFA4B35
506C F8BB 17AE 8A05 0B49  3544 476A 7DEC 9CFA 4B35

More information about the wp-hackers mailing list