[wp-hackers] WP Spam Fault

Podz podz at tamba2.org.uk
Tue Mar 22 17:04:28 GMT 2005


Running 1.5.1
In my Comment Blacklist I have
terashells
tigerspice

If I post as a new user to my blog, and put this in the comment text
www.tera<font>shells.com
then the comments sails through, and when I go to edit this (or view the 
comment), WP has stripped the tag, leaving a clean url.

Just seems odd that the "Kill on sight" list can be worked around so 
easily ?

P.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : http://comox.textdrive.com/pipermail/wp-hackers/attachments/20050322/3668d207/signature.bin


More information about the wp-hackers mailing list