[wp-hackers] WP Spam Fault

Dougal Campbell dougal at gunters.org
Tue Mar 22 18:13:01 GMT 2005

Podz wrote:
> Running 1.5.1
> In my Comment Blacklist I have
> terashells
> tigerspice
> If I post as a new user to my blog, and put this in the comment text
> www.tera<font>shells.com
> then the comments sails through, and when I go to edit this (or view the 
> comment), WP has stripped the tag, leaving a clean url.
> Just seems odd that the "Kill on sight" list can be worked around so 
> easily ?

I can't duplicate this. I just tried it on my test blog, and it properly 
filed my comments as spam. I tried it both as a "new" user, and while 
logged in as admin.

Dougal Campbell <dougal at gunters.org>

More information about the wp-hackers mailing list