[wp-hackers] Rethinking check_admin_referer()
Andy Skelton
skeltoac at gmail.com
Tue Apr 18 18:43:09 GMT 2006
On 4/18/06, David House <dmhouse at gmail.com> wrote:
> How about this:
>
> 1) Admin writes a post.
> 2) Malicious user leaves a comment with an "image", whose source
> redirecs to http://yoursite.com/wp-admin/post.php?action=delete&post=123
> 3) Admin logs in
> 4) Manage -> Comments
> 5) Post is deleted.
>
> No need to be able to create drafts.
POST method would fix this. Somebody remind me why we are using GET.
Andy
More information about the wp-hackers
mailing list