[wp-trac] [WordPress Trac] #30103: FULL PATH DISCLOSURE
WordPress Trac
noreply at wordpress.org
Sun Oct 26 02:23:47 UTC 2014
#30103: FULL PATH DISCLOSURE
--------------------------+----------------------
Reporter: rocker1058 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: General | Version: 4.0
Severity: normal | Resolution: invalid
Keywords: | Focuses:
--------------------------+----------------------
Changes (by SergeyBiryukov):
* status: new => closed
* resolution: => invalid
* component: Bundled Theme => General
* milestone: Awaiting Review =>
Comment:
See the [https://make.wordpress.org/core/handbook/reporting-security-
vulnerabilities/ Security FAQ]:
> ''' Why are there path disclosures when directly loading certain
files?'''
> This is a server configuration problem. Never enable `display_errors` on
a production site.
Additionally, when you created this ticket:
> '''Do not report potential security vulnerabilities here.''' See the
[https://make.wordpress.org/core/handbook/reporting-security-
vulnerabilities/ Security FAQ] and contact security at wordpress.org.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/30103#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list