[wp-hackers] Exploit, or no?
Ryan Boren
ryan at boren.nu
Tue Jun 28 17:21:25 GMT 2005
On Tue, 2005-06-28 at 13:06 -0400, Scott Merrill wrote:
> This thread:
> http://wordpress.org/support/topic/37482
> was last responded to by Ryan on Saturday. Since then, some development
> work has occured on WordPress in the form of SVN check-ins for Mark
> Jaquith's get_id_by_permalink() work.
>
> So, is there a confirmed vulnerability about which we should be
> concerned? If so:
Yes.
> * are there any mitigating circumstances to lessen the threat?
> * are there any steps we can take to protect ourselves until an official
> update is released?
If we revealed that, we would be telling everyone where to look.
Hopefully we will be able to release the fix and 1.5.1.3 soon.
Ryan
More information about the wp-hackers
mailing list