[wp-hackers] Security Vulnerability found - Forum Post
mark.wordpress at txfx.net
Wed Apr 13 20:17:54 GMT 2005
Matthew Mullenweg wrote:
> denis at semiologic.com wrote:
>> - fetch config.php through the file editor
> Incidentally, we don't allow this.
They could still just edit a plugin with code that would spit out the
contents of wp-config.php and then they would have full access to your
This isn't a problem for trusted users... levels 2 and up. But for
any other dangerous code.
More information about the wp-hackers