[wp-trac] [WordPress Trac] #13866: No dupe-checking on wp_users.display_name field allows impersonation attack, edge case privilege escalation venerability
WordPress Trac
wp-trac at lists.automattic.com
Thu Jun 17 00:58:02 UTC 2010
#13866: No dupe-checking on wp_users.display_name field allows impersonation
attack, edge case privilege escalation venerability
--------------------------+-------------------------------------------------
Reporter: foxly | Owner:
Type: defect (bug) | Status: new
Priority: high | Milestone: Unassigned
Component: Users | Version: 2.9.2
Severity: major | Keywords: security exploit, spoofing, display_name
--------------------------+-------------------------------------------------
Comment(by nacin):
> In the WordPress core, do not let the function that sets display_name
change its value to one which matches the user_login or display_name of
another user on the system.
I strongly disagree with that, nor does it scale well. You can easily
write a plugin that does this, or simply rejects "Admin."
--
Ticket URL: <http://core.trac.wordpress.org/ticket/13866#comment:3>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list