[wp-hackers] Moved from BlogWare to WordPress - Need Help

Paul Mitchell wp-hackers at paul-mitchell.me.uk
Sat May 20 10:11:42 GMT 2006

Sean Hickey wrote:

Hello Sean. I raised the alarm.

> So unless I'm missing something, any security holes in the plugin also
> exists in the core of WP, which kind of makes
> a security hole in the plugin a mute point.
There is no referer check that I can see. Your plugin directly UPDATEs
the database instead of calling wp_update_post().

Paul Mitchell, Coding and Crafting Quality Software

More information about the wp-hackers mailing list