[wp-trac] Re: [WordPress Trac] #5664: wp_nonce_ays(): "Yes"-Button
in nonce confirmation does not work
WordPress Trac
wp-trac at lists.automattic.com
Sat Feb 16 15:09:24 GMT 2008
#5664: wp_nonce_ays(): "Yes"-Button in nonce confirmation does not work
---------------------+------------------------------------------------------
Reporter: salgar | Owner: westi
Type: defect | Status: closed
Priority: normal | Milestone:
Component: General | Version: 2.3
Severity: normal | Resolution: invalid
Keywords: |
---------------------+------------------------------------------------------
Changes (by westi):
* status: assigned => closed
* resolution: => invalid
* milestone: 2.6 =>
Comment:
wp_nonce_ays() is dead as it allowed CSRF attacks on logged in users.
--
Ticket URL: <http://trac.wordpress.org/ticket/5664#comment:2>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list