[wp-trac] [WordPress Trac] #24561: wp-settings does not check if ABSPATH is defined
WordPress Trac
noreply at wordpress.org
Tue Jun 11 14:42:06 UTC 2013
#24561: wp-settings does not check if ABSPATH is defined
--------------------------+-----------------------------
Reporter: tivnet | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Keywords: needs-patch
--------------------------+-----------------------------
I believe, something like this should appear at the beginning of wp-
settings.php:
{{{
if ( !defined('ABSPATH') ) {
die;
}
}}}
- Obviously, those lines won't work without the above validation:
{{{
require( ABSPATH . WPINC . '/load.php' );
...
}}}
- With php display errors turned on, calling this file directly may reveal
some sensitive information.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24561>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list