[wp-meta] [Making WordPress.org] #6939: Reporting Security vulnerabilities in plugins
Making WordPress.org
noreply at wordpress.org
Fri Apr 21 13:29:53 UTC 2023
#6939: Reporting Security vulnerabilities in plugins
------------------------------+---------------------
Reporter: dd32 | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Plugin Directory | Resolution:
Keywords: 2nd-opinion |
------------------------------+---------------------
Comment (by yani.iliev):
Replying to [comment:6 Otto42]:
> Replying to [comment:4 yani.iliev]:
> > Reporting a security vulnerability in a plugin can trigger an
immediate disabling of the said plugin from the WordPress.org plugin repo.
>
> Definitely no. The whole point of having a security reporting system is
that anybody can file a security report. Therefore, no report (from the
general public) can be used to take automatic actions.
Exactly, yes.
--
Ticket URL: <https://meta.trac.wordpress.org/ticket/6939#comment:8>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org
More information about the wp-meta
mailing list