[wp-hackers] Rethinking check_admin_referer()

David Chait davebytes at comcast.net
Tue Apr 18 18:48:37 GMT 2006


Sheesh, you beat me by like 5 minutes on posting this same question! ;)

-d

----- Original Message ----- 
From: "Andy Skelton" <skeltoac at gmail.com>
To: <wp-hackers at lists.automattic.com>
Sent: Tuesday, April 18, 2006 2:43 PM
Subject: Re: [wp-hackers] Rethinking check_admin_referer()


On 4/18/06, David House <dmhouse at gmail.com> wrote:
> How about this:
>
> 1) Admin writes a post.
> 2) Malicious user leaves a comment with an "image", whose source
> redirects to http://yoursite.com/wp-admin/post.php?action=delete&post=123
> 3) Admin logs in
> 4) Manage -> Comments
> 5) Post is deleted.
>
> No need to be able to create drafts.

POST method would fix this. Somebody remind me why we are using GET.

Andy
_______________________________________________
wp-hackers mailing list
wp-hackers at lists.automattic.com
http://lists.automattic.com/mailman/listinfo/wp-hackers
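The attack quoted above, and a handler that stops it, as an added example in plain PHP. It is not code from this thread or from WordPress: the nonce construction (an HMAC over the acting user and the specific action under a per-install secret, with no expiry) and the helper names are assumptions made for the illustration, and the post table is a constructed array.

```php
<?php
// Added illustration, not WordPress code. Three stages of a "delete post"
// endpoint: the GET-driven version from the quoted attack, then a version
// that requires POST plus an action-bound nonce.

const SECRET_KEY = 'example-server-secret';   // assumption: per-install secret
$posts = [123 => 'Hello world', 124 => 'Second post'];   // constructed sample data

// Stage 1: the behaviour the quoted attack relies on. A GET carrying
// action=delete&post=123 is enough, so an <img> whose src redirects there
// deletes the post as soon as the logged-in admin views the comments page.
function vulnerable_delete(array &$posts, array $query): string {
    $id = (int) ($query['post'] ?? 0);
    if (($query['action'] ?? '') === 'delete' && isset($posts[$id])) {
        unset($posts[$id]);
        return 'deleted';
    }
    return 'ignored';
}

// Hypothetical nonce: keyed hash over user id and action name, so a value
// minted for one user/action cannot be replayed for another. A real scheme
// would also bind it to a time window.
function make_nonce(int $user_id, string $action): string {
    return substr(hash_hmac('sha256', $user_id . '|' . $action, SECRET_KEY), 0, 16);
}

function verify_nonce(?string $nonce, int $user_id, string $action): bool {
    return is_string($nonce) && hash_equals(make_nonce($user_id, $action), $nonce);
}

// Stage 2: the hardened handler. Requiring POST defeats the <img>/redirect
// trick, because browsers only issue GET for image fetches. POST alone is
// not enough: an attacker's page can auto-submit a cross-site form, so the
// request must also carry a nonce the attacker cannot know. Note that no
// Referer header is consulted anywhere.
function hardened_delete(array &$posts, string $method, array $body, int $user_id): string {
    if ($method !== 'POST') {
        return 'rejected: state change over GET';
    }
    $id = (int) ($body['post'] ?? 0);
    if (!verify_nonce($body['_nonce'] ?? null, $user_id, "delete-post_$id")) {
        return 'rejected: bad nonce';
    }
    if (!isset($posts[$id])) {
        return 'ignored';
    }
    unset($posts[$id]);
    return 'deleted';
}

// Demonstration: the image-redirect GET against both handlers, a forged
// cross-site POST with no nonce, then the admin's own form submission.
$admin = 1;
echo 'vulnerable, GET:  ', vulnerable_delete($posts, ['action' => 'delete', 'post' => '123']), PHP_EOL;
$posts[123] = 'Hello world';   // restore for the next runs
echo 'hardened, GET:    ', hardened_delete($posts, 'GET', ['action' => 'delete', 'post' => '123'], $admin), PHP_EOL;
echo 'hardened, forged: ', hardened_delete($posts, 'POST', ['action' => 'delete', 'post' => '123'], $admin), PHP_EOL;
$body = ['action' => 'delete', 'post' => '123', '_nonce' => make_nonce($admin, 'delete-post_123')];
echo 'hardened, admin:  ', hardened_delete($posts, 'POST', $body, $admin), PHP_EOL;
```

Run it with `php` on the command line; only the last request, which comes from a form the server itself rendered with the nonce embedded, reaches the delete. Binding the nonce to the concrete action (`delete-post_123`) rather than to the session alone means a nonce leaked from one form cannot be reused to delete a different post.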