[wp-hackers] Wordpress 1.2.2 XSS Vulnerabilities
Joseph Scott
joseph at randomnetworks.com
Fri Feb 4 16:24:12 GMT 2005
Just a comment on one section of this.
On Feb 4, 2005, at 6:40 AM, Allen Parker wrote:
<snip>
>> PHP-Warnings:
>> /wp.php?author=bla
>> /wp-commentsrss2.php?p=999999
>> /wp-admin/options.php?option_group_id=1888
>> /wp-admin/post.php?action=edit&post=2890000000000
>> All of these do produce PHP Errors.
After first starting with WordPress I started going through the code
and fixing things that caused PHP warnings/errors. In the end I was
told there wasn't really much interest in this, so no one was likely to
review any of my patches let along commit them. So I wouldn't expect
to see too much action in this area unless something has changed since
then.
--
Joseph Scott
http://joseph.randomnetworks.com/
More information about the hackers
mailing list