[wp-hackers] Moved from BlogWare to WordPress - Need Help

Chris Pirillo chris at lockergnome.com
Sat May 20 09:39:18 GMT 2006

> It bypasses many vital WordPress security checks, so makes your blog
> vulnerable to types of vandalism from which the WordPress developers
> have spent MONTHS of effort protecting you.

I sent the URL for your comment to Sean (the plugin's creator). Not to start
a war, but... here's what he says:

"Anything is possible, although that isn't much to go on.  It would be more
helpful if the person saying to disable the plugin explained why it's a
security risk.  On the backend of the plugin, the /wp-config, and the
/wp-admin/admin.php scripts are included in the main script. If the person
trying to edit a post isn't an admin, and isn't logged in, then the backend
scripts will not work.  There is no way around it."


More information about the wp-hackers mailing list