[wp-hackers] XSRF - announcement ! / Plugin WP
William Davis
will.davis at gmail.com
Thu Dec 23 16:34:49 UTC 2010
This is a problem with a plugin, not with the WordPress core, so the
plugin author should be contacted.
But, as Andrew Nacin has said before on the WP-Hackers list, security
vulnerabilities should be reported to security at wordpress.org, never to
the general public.
Will
On Dec 23, 2010, at 8:51 AM, MASOKIS wrote:
> Hi.... check this out, (sorry written in malaysia language, use google
> translater..it's work)
> http://bit.my/L1yQ
> It about attack XSRF ( cross site request forgery ) for wp plugin,
> i already report to wp community but no feedback.. maybe not notified
> check here
> http://wordpress.org/support/topic/plugin-announcement-and-vertical-scroll-news-xsrf-vulnerable-attack
> i also inform to plugin developer.. but my msg maybe go to spambox...
> urmm...
>
> /hi.. today is my1st join this mailing list.. and this was 1st msg ,
> greetz
> to all wp-hackers :)
>
> --
> VISIT ME @ HTTP://WWW.MASOKIS.COM
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list