[wp-trac] Re: [WordPress Trac] #6871: Plugins without headers don't
show in the plugins page, keeping some exploits hidden
WordPress Trac
wp-trac at lists.automattic.com
Wed Jul 16 15:34:40 GMT 2008
#6871: Plugins without headers don't show in the plugins page, keeping some
exploits hidden
-------------------------------------------------------------------+--------
Reporter: guillep2k | Owner: guillep2k
Type: defect | Status: assigned
Priority: high | Milestone: 2.6.1
Component: Security | Version: 2.6
Severity: critical | Resolution:
Keywords: exploit security has-patch dev-feedback tested commit |
-------------------------------------------------------------------+--------
Changes (by santosj):
* keywords: exploit security has-patch dev-feedback tested => exploit
security has-patch dev-feedback tested commit
Comment:
Ah, I didn't see the new patch. It looks good, except it appears you are
testing for ../ and failing if it exists. I'm thinking strpos is faster
than str_replace (which is what I meant when I said regex). Actually, I'm
sure it is.
I think your patch is great and I hope it gets in. Sorry about the
misunderstanding.
--
Ticket URL: <http://trac.wordpress.org/ticket/6871#comment:24>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list