[wp-hackers] XSS vuln in wordpress 2.7 ?

Benedict Eastaugh ionfish at gmail.com
Mon Dec 22 17:35:12 GMT 2008

2008/12/22 Dan Gayle <dangayle at gmail.com>:
> Wow. That's nasty, and malicious. Could a plugin do that?

Only if the user running PHP had write access to that file.

More information about the wp-hackers mailing list