[wp-trac] [WordPress Trac] #20195: Plugins uninstall.php
WordPress Trac
wp-trac at lists.automattic.com
Mon Apr 30 19:28:42 UTC 2012
#20195: Plugins uninstall.php
--------------------------+------------------------------
Reporter: wpsmith | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Plugins | Version:
Severity: major | Resolution:
Keywords: dev-feedback |
--------------------------+------------------------------
Comment (by nacin):
Replying to [comment:11 lightningspirit]:
> What about using HTTP referer?
Even easier to spoof. Don't even need access to the environment to do
that.
No matter what you try to do, once you can execute code, you can do
anything. There just isn't a security consideration here, at all.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/20195#comment:12>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list