[wp-trac] [WordPress Trac] #13827: Security Vulnerabilities In wp-signup.php Breaking Plugins
WordPress Trac
wp-trac at lists.automattic.com
Fri Jun 11 21:07:25 UTC 2010
#13827: Security Vulnerabilities In wp-signup.php Breaking Plugins
-------------------------------------------+--------------------------------
Reporter: uglyrobot | Owner: wpmuguru
Type: defect (bug) | Status: reviewing
Priority: normal | Milestone:
Component: Multisite | Version: 3.0
Severity: normal | Resolution:
Keywords: needs-patch reporter-feedback |
-------------------------------------------+--------------------------------
Changes (by westi):
* keywords: needs-patch => needs-patch reporter-feedback
* priority: high => normal
* severity: critical => normal
Comment:
Why can't a plugin add its own hidden fields using nonces if it wishes to
ensure that a step it requires isn't skipped?
--
Ticket URL: <http://core.trac.wordpress.org/ticket/13827#comment:6>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list