[wp-hackers] Matt's site hacked?
mark.wordpress at txfx.net
Thu Jun 8 05:51:29 GMT 2006
On Jun 8, 2006, at 12:48 AM, Matt Mullenweg wrote:
> It was a pretty lame password, sorry. Sometimes I just get lazy.
> From what I can tell there were no WP exploits used, it was just
> the login form.
I had a moment of panic there. What if the Dashboard didn't protect
against HTML injection? Someone could compromise every WP install in
the world! But it's okay, this is airtight: :-)
> <li><a href='<?php echo wp_filter_kses($item['link']); ?>'><?php
> echo wp_specialchars($item['title']); ?></a></li>
More information about the wp-hackers