[wp-trac] [WordPress Trac] #28610: Persistent XSS and CSRF on wordpress 3.9.1

WordPress Trac noreply at wordpress.org
Sat Jun 21 15:54:54 UTC 2014

#28610: Persistent XSS and CSRF on wordpress 3.9.1
 Reporter:  avinash_thapa  |       Owner:
     Type:  defect (bug)   |      Status:  closed
 Priority:  normal         |   Milestone:
Component:  General        |     Version:  3.9.1
 Severity:  normal         |  Resolution:  invalid
 Keywords:                 |     Focuses:
Changes (by ocean90):

 * status:  new => closed
 * resolution:   => invalid
 * milestone:  Awaiting Review =>


 When creating this ticket, was "Do not report potential security
 vulnerabilities here. See the Security FAQ and contact
 security at wordpress.org." not noticeable? Honest question. If you have
 JavaScript enabled, you additionally would have needed to click a checkbox
 affirming "I am not reporting a security issue — report security issues to
 security at wordpress.org".


 Your report is invalid. Please read

Ticket URL: <https://core.trac.wordpress.org/ticket/28610#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list