[wp-trac] [WordPress Trac] #50023: major core flaw in comments system found today 28 April 2020 16:00 GMT +3
WordPress Trac
noreply at wordpress.org
Tue Apr 28 14:07:37 UTC 2020
#50023: major core flaw in comments system found today 28 April 2020 16:00 GMT +3
-----------------------------+------------------------------
Reporter: marciancarutasu | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version:
Severity: major | Resolution: worksforme
Keywords: | Focuses: privacy
-----------------------------+------------------------------
Changes (by knutsp):
* keywords: close =>
* status: new => closed
* resolution: => worksforme
Comment:
I can at any time, anywhere on my domains, with WordPress, my software of
any kind or plain html, create a user with your name and publish anything,
not just comments, full articles and complete blogs, in your name and/or
email. Very bad practice, and it could be illegal, but technically I can,
regardless of potential limitations in WordPress.
Nothing can be done to prevent this techinically, given the open nature of
the internet
Facebook is not self hosted software. It's controlled by Facebook. Believe
me, they can edit your comments and posts there, if they so wish.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50023#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list