[wp-hackers] How does privilege escalation work?

Dan Phiffer dan at phiffer.org
Wed Jun 6 18:05:19 UTC 2012

Just thought I'd pull this question out of my last email to give it more visibility: are most privilege escalation attacks designed so the user changes their roles/capabilities in the database, or is it more that they trick WP into ignoring the lower capabilities?


More information about the wp-hackers mailing list