[wp-trac] [WordPress Trac] #45780: Installed different plugin and ask for update from different plugin
WordPress Trac
noreply at wordpress.org
Thu Dec 27 15:13:59 UTC 2018
#45780: Installed different plugin and ask for update from different plugin
--------------------------+-----------------------------
Reporter: jk81093 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Plugins | Version:
Severity: critical | Keywords:
Focuses: privacy |
--------------------------+-----------------------------
Very dangerous bug, its kind of a loophole to destroy website.
For example I have created custom plugin with name of "example" directory,
and if in WordPress plugin market if plugin available with same directory
(example) then installed plugin asked for update but both plugin are
different. And if we update the plugin from the popup then old plugin
replaced with new plugin but both are different.
So if we update plugin with some hacky code to the name of popular plugin
directory then its dangerous for targeted website.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/45780>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list