[wp-hackers] WP Spam Fault
Dougal Campbell
dougal at gunters.org
Tue Mar 22 18:13:01 GMT 2005
Podz wrote:
> Running 1.5.1
> In my Comment Blacklist I have
> terashells
> tigerspice
>
> If I post as a new user to my blog, and put this in the comment text
> www.tera<font>shells.com
> then the comments sails through, and when I go to edit this (or view the
> comment), WP has stripped the tag, leaving a clean url.
>
> Just seems odd that the "Kill on sight" list can be worked around so
> easily ?
I can't duplicate this. I just tried it on my test blog, and it properly
filed my comments as spam. I tried it both as a "new" user, and while
logged in as admin.
--
Dougal Campbell <dougal at gunters.org>
http://dougal.gunters.org/
More information about the wp-hackers
mailing list