[wp-trac] [WordPress Trac] #35835: _deprecated_file undefined in rss-functions.php
WordPress Trac
noreply at wordpress.org
Wed Feb 17 09:38:58 UTC 2016
#35835: _deprecated_file undefined in rss-functions.php
--------------------------+----------------------
Reporter: thib3113 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: General | Version: 4.4.2
Severity: normal | Resolution: invalid
Keywords: | Focuses:
--------------------------+----------------------
Comment (by thib3113):
Replying to [comment:3 dd32]:
> > Yes, but visiting this webpage produce a http 500 error.
>
> On a URL which should never be linked to (And you should also have
directory indexing disabled ideally).
It's is not linked, but pentest software know this addresses and check for
path. You'are right, in production, we will set debug to false, but in my
opinion, we can make attack with this error, maybe with reloading lot of
time, and log lot of errors ( I don't know, i'm not a professional in
pentesting )...
I just think, let an error is not a good thing, mostly if you just add one
line for remove this ...
{{{#!php
if(!defined(ABSPATH)) exit();
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35835#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list