[wp-hackers] Critical WP Flaw?

Ryan Boren ryan at boren.nu
Thu Jul 27 08:20:56 GMT 2006

Computer Guru wrote:
>> Neither does asking about it on mailing lists and forums or reposting
>> with links on your own blogs, but they seem to be the popular things to
>> do these days.
> I agree with the latter, but I'm not asking for full disclosure here in the mailing list, I just want 
> 1) Confirmation that it's not BS

See my previous.  The problem is with plugins that don't check caps.

> 2) _Official_ threat level, just how serious is it?

If plugins don't check caps, it can be very serious.

> 3) Possible fix dates

Up to plugin authors.

> 4) Most importantly: how did Dr. Dave find out, who knows the dirty details and shouldn't?

You would have to ask them.


More information about the wp-hackers mailing list