[wp-trac] Re: [WordPress Trac] #4344: Posting comments from external websites

WordPress Trac wp-trac at lists.automattic.com
Sun May 27 11:30:28 GMT 2007


#4344: Posting comments from external websites
-----------------------+----------------------------------------------------
 Reporter:  PsychoGun  |        Owner:  anonymous
     Type:  defect     |       Status:  reopened 
 Priority:  high       |    Milestone:           
Component:  Security   |      Version:           
 Severity:  normal     |   Resolution:           
 Keywords:             |  
-----------------------+----------------------------------------------------
Comment (by Linusmartensson):

 To me, it looks like the problem here is that _wpnonce is missing on the
 comment forms, which is indeed a vulnerability.

-- 
Ticket URL: <http://trac.wordpress.org/ticket/4344#comment:5>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list