[wp-hackers] Security at Wordpress

Elliotte Harold elharo at metalab.unc.edu
Fri Apr 21 22:15:00 GMT 2006

Brian Layman wrote:

> The nonce solution that Owen proposed will adequately protect WP from my
> approach.  Therefore I don't have to give a "how-to tutorial" of an exploit
> that could be adapted to attack any non-compiled, non-nonced, non-customized
> web application out there.

If it's really that bad, I'd suggest you publish it because no one 
person is going to be able to fix all the web apps out there.

However, I suspect what you've discovered is the well-known problem 
where GET is used for operations with side effects, a common flaw in web 
apps designed by people who don't understand HTTP. While not as widely 
known as it should be (which is why further publicity would be a good 
thing) it's hardly a new attack. It's certainly known to 
web-app-attackers everywhere. Being quiet about it only helps the black 
hats who already know.

Elliotte Rusty Harold  elharo at metalab.unc.edu
XML in a Nutshell 3rd Edition Just Published!

More information about the wp-hackers mailing list