[wp-hackers] Security at Wordpress

John Joseph Bachir jjb at ibiblio.org
Mon Apr 24 17:02:58 GMT 2006


On Mon, 24 Apr 2006, Elliotte Harold wrote:

> The core team seems to want to implement a complex nonce based solution. 
> I suspect there's a simpler, more robust solution using POST instead of 
> GET.

Just on the subject of nonces and POST... even if all side-effect actions 
used POST, there are still security vulnerabilities that a nonce system 
will defeat. One example is making a webpage that looks just like the 
admin interface but isn't, and then using social engineering to get the 
victim (who has an authorization cookie) to use the impostor form. 
(Checking admin referers also defeats some or all of these cases.)

John
----
aim/yim/msn/jabber.org: johnjosephbachir
713.494.2704
irc://irc.freenode.net/lyceum
http://lyceum.ibiblio.org/
http://blog.johnjosephbachir.org/
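The point John makes above, that POST-only is not enough because an impostor admin form can still submit a POST with the victim's cookie, is easiest to see with a server-side handler that checks a nonce bound to the user, the action, and a time window. The following is an added illustration, not code from this thread or from WordPress: the HMAC construction, the 12-hour tick, the `SECRET_KEY`, and the request dictionary shape are all assumptions chosen for the example, and WordPress's own nonce scheme is not claimed to work this way.

```python
import hashlib
import hmac
import time

# Constructed server-side secret for this example only; a real deployment
# keeps it out of the code base and rotates it.
SECRET_KEY = b"constructed-example-secret-not-for-production"

# Assumption: a nonce is valid for up to 24 hours, implemented as 12-hour
# "ticks" where the current and the previous tick are both accepted.
TICK_SECONDS = 12 * 60 * 60


def _tick(now):
    return int(now // TICK_SECONDS)


def _mac(tick, user_id, action):
    # Bind the nonce to the time window, the logged-in user, and the action.
    msg = f"{tick}|{user_id}|{action}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()[:20]


def create_nonce(user_id, action, now=None):
    """Nonce the server embeds in its own admin form for this user/action."""
    now = time.time() if now is None else now
    return _mac(_tick(now), user_id, action)


def verify_nonce(nonce, user_id, action, now=None):
    """Accept the nonce for the current or previous tick, in constant time."""
    now = time.time() if now is None else now
    if not nonce:
        return False
    tick = _tick(now)
    for candidate in (tick, tick - 1):
        if hmac.compare_digest(nonce, _mac(candidate, user_id, action)):
            return True
    return False


def handle_delete_post(request, session_user_id, now=None,
                       site_origin="https://example.test"):
    """Handler for a side-effect action.

    `request` is a constructed dict with keys "method", "fields", "headers";
    `session_user_id` is the user identified by the authorization cookie.
    Returns (status, message).
    """
    if request["method"] != "POST":
        return 405, "side-effect actions must use POST"
    post_id = request["fields"].get("post_id")
    if post_id is None:
        return 400, "missing post_id"
    # This is what defeats the impostor form: the attacker's page can send a
    # POST carrying the victim's cookie, but cannot mint a nonce without the
    # server secret, and a nonce for another user or action will not match.
    nonce = request["fields"].get("_nonce")
    if not verify_nonce(nonce, session_user_id, f"delete-post_{post_id}", now):
        return 403, "invalid or expired nonce"
    # Referer check as defence in depth. Browsers and proxies may strip the
    # header, so only a present-but-foreign Referer is rejected here.
    referer = request["headers"].get("Referer", "")
    if referer and not referer.startswith(site_origin + "/"):
        return 403, "request did not originate from the admin interface"
    return 200, f"post {post_id} deleted"


# Constructed sample session and requests.
USER_ID = 42
NOW = 1_700_000_000.0


def demo():
    """Run the handler against a legitimate form, an impostor form, a bare
    GET link, and a stale nonce; returns the (status, message) for each."""
    good = create_nonce(USER_ID, "delete-post_7", NOW)
    stale = create_nonce(USER_ID, "delete-post_7", NOW - 2 * TICK_SECONDS)
    requests = {
        "legit": {"method": "POST",
                  "fields": {"post_id": "7", "_nonce": good},
                  "headers": {"Referer": "https://example.test/wp-admin/edit.php"}},
        # Look-alike admin page: right fields, victim's cookie, no valid nonce.
        "impostor": {"method": "POST",
                     "fields": {"post_id": "7"},
                     "headers": {"Referer": "https://lookalike.example/admin"}},
        "get_link": {"method": "GET", "fields": {"post_id": "7"}, "headers": {}},
        "stale": {"method": "POST",
                  "fields": {"post_id": "7", "_nonce": stale},
                  "headers": {}},
    }
    return {name: handle_delete_post(req, USER_ID, NOW) for name, req in requests.items()}


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:>9}: {result}")
```

Binding the nonce to the user and the action (rather than issuing one global token) is the design choice that makes the impostor case fail even when the attacker has perfectly copied the form's field names; the Referer check is left as a secondary filter because the header is not reliably present.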
