[wp-trac] [WordPress Trac] #16619: XMLRPC authentication bypasses plugins?
WordPress Trac
wp-trac at lists.automattic.com
Wed Feb 23 11:44:11 UTC 2011
#16619: XMLRPC authentication bypasses plugins?
--------------------------+----------------------
Reporter: kojix | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: XML-RPC | Version:
Severity: normal | Resolution: invalid
Keywords: |
--------------------------+----------------------
Comment (by dd32):
See also, This: http://core.trac.wordpress.org/browser/trunk/wp-
includes/user.php#L40
{{{
40 // TODO do we deprecate the wp_authentication action?
41 do_action_ref_array('wp_authenticate',
array(&$credentials['user_login'], &$credentials['user_password']));
}}}
It seems that that filter is not the ideal one, 'authenticate' is the
better filter for this.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/16619#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list