mark.wordpress at txfx.net
Sun Aug 14 01:12:26 GMT 2005
Scott Merrill wrote:
> The code leverages wp_filter[query_vars]. Is there something specific
> that we can suggest _right now_ for people to do in their blog's code
> to help protect them?
> Certainly `php_flag register_globals off` in .htaccess is one step;
> but I would really like to offer as complete a solution as possible:
> security in depth.
> I want to construct a sticky forum post _officially_ responding to the
> issue, describing the problem, and providing as complete a solution as
> possible for users _right now_.
What about having users use wp-settings.php from /branches/1.5/ ?
MCincubus @ #wordpress
More information about the wp-hackers