[wp-hackers] Rethinking check_admin_referer()
davebytes at comcast.net
Tue Apr 18 18:48:37 GMT 2006
Sheesh, you beat me by like 5 minutes on posting this same question! ;)
----- Original Message -----
From: "Andy Skelton" <skeltoac at gmail.com>
To: <wp-hackers at lists.automattic.com>
Sent: Tuesday, April 18, 2006 2:43 PM
Subject: Re: [wp-hackers] Rethinking check_admin_referer()
On 4/18/06, David House <dmhouse at gmail.com> wrote:
> How about this:
> 1) Admin writes a post.
> 2) Malicious user leaves a comment with an "image", whose source
> redirecs to http://yoursite.com/wp-admin/post.php?action=delete&post=123
> 3) Admin logs in
> 4) Manage -> Comments
> 5) Post is deleted.
> No need to be able to create drafts.
POST method would fix this. Somebody remind me why we are using GET.
wp-hackers mailing list
wp-hackers at lists.automattic.com
More information about the wp-hackers