[wp-meta] [Making WordPress.org] #4662: A security risk on W.org plugins repository - no checksum / authorization of plugin version reporting

Making WordPress.org noreply at wordpress.org
Wed Aug 7 18:31:11 UTC 2019


#4662: A security risk on W.org plugins repository - no checksum / authorization
of plugin version reporting
------------------------------+------------------------
 Reporter:  KestutisIT        |       Owner:  (none)
     Type:  defect            |      Status:  closed
 Priority:  high              |   Milestone:
Component:  Plugin Directory  |  Resolution:  duplicate
 Keywords:  needs-patch       |
------------------------------+------------------------

Comment (by Otto42):

 https://meta.trac.wordpress.org/ticket/619
 https://core.trac.wordpress.org/ticket/20074

 And probably other core tickets as well. Nevertheless, this would need to
 be a core implementation, it's not something we can wholly do on the w.org
 side.

-- 
Ticket URL: <https://meta.trac.wordpress.org/ticket/4662#comment:3>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org


More information about the wp-meta mailing list