[wp-trac] [WordPress Trac] #9444: Allow to read wp-config.php without loading WP

WordPress Trac noreply at wordpress.org
Sun Feb 15 19:18:43 UTC 2015 

#9444: Allow to read wp-config.php without loading WP
--------------------------------------------------+----------------------
 Reporter:  hakre                                 |       Owner:
     Type:  defect (bug)                          |      Status:  closed
 Priority:  normal                                |   Milestone:
Component:  General                               |     Version:  2.7.1
 Severity:  normal                                |  Resolution:  wontfix
 Keywords:  has-patch tested commit dev-feedback  |     Focuses:
--------------------------------------------------+----------------------

Comment (by SergeyBiryukov):

 If you can control the URL LinkedIn sends reply to, and it currently
 points to a PHP file that includes `wp-load.php` directly, you should be
 able to replace it with something like
 `http://example.com/?my_oauth_plugin`, which would open the pop-up with
 access to WordPress environment.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/9444#comment:32>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list