[wp-hackers] notification of insecure plugins?
Iain Cambridge
wackiebackie at gmail.com
Thu Nov 18 20:53:13 UTC 2010
Best thing to do is notify the plug-in developer. Just because they
haven't noticed it's vulnerable doesn't mean they can't or won't patch
it. If they do refuse to patch it, patch it yourself. If just you're
wondering if your plug-in is vulnerable to attack check the same place
the hackers do security sites advisories and google.
Iain
On Thu, Nov 18, 2010 at 8:42 PM, Patrick Laverty
<patrick_laverty at brown.edu> wrote:
> Is there a place where people can find out accurate information about
> insecure plugins? Because plugins are third-party, no one would expect the
> core team to do anything about them. However if I have installed a plugin
> that is vulnerable to attack, I'd like to know about it.
>
> Plus, plugin developers might not even know themselves that their plugin is
> vulnerable and some might not even care to upgrade them when they do know.
>
> How can I find out this information so I can then make an informed decision
> on my plugins?
>
> Thanks.
>
> Patrick
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
More information about the wp-hackers
mailing list