[wp-trac] Re: [WordPress Trac] #6871: Plugins without headers don't
show in the plugins page, keeping some exploits hidden
WordPress Trac
wp-trac at lists.automattic.com
Fri Jul 25 15:50:11 GMT 2008
#6871: Plugins without headers don't show in the plugins page, keeping some
exploits hidden
-------------------------------------------------------------------+--------
Reporter: guillep2k | Owner: guillep2k
Type: defect | Status: assigned
Priority: high | Milestone: 2.6.1
Component: Security | Version: 2.6
Severity: critical | Resolution:
Keywords: exploit security has-patch dev-feedback tested commit |
-------------------------------------------------------------------+--------
Comment (by santosj):
str_replace is fast enough function for string replacing, so you're
probably doing premature optimization with exploitable cases. You would
need an extra four strpos() to make up for all known possible ways to
handle it and by then you're not going to be much faster than str_replace
--
Ticket URL: <http://trac.wordpress.org/ticket/6871#comment:31>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list