[wp-trac] [WordPress Trac] #48895: Anyone is able to access wp-admin to update the database when I update the core using wp-cli.
WordPress Trac
noreply at wordpress.org
Fri Dec 6 07:07:53 UTC 2019
#48895: Anyone is able to access wp-admin to update the database when I update the
core using wp-cli.
----------------------------+-----------------------------
Reporter: ixkaito | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Keywords: needs-patch
Focuses: administration |
----------------------------+-----------------------------
If I updated the core which requires database update via wp-cli, anyone
would be able to access https://example.com/wp-admin/ to update the
database without login.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/48895>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list