[wp-trac] [WordPress Trac] #50308: CSS Customizer control field - vulnerabilty against hacks prevention
WordPress Trac
noreply at wordpress.org
Thu Jun 4 13:28:10 UTC 2020
#50308: CSS Customizer control field - vulnerabilty against hacks prevention
-------------------------+----------------------
Reporter: marcorinia | Owner: (none)
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: Security | Version:
Severity: normal | Resolution: invalid
Keywords: | Focuses:
-------------------------+----------------------
Changes (by desrosj):
* keywords: close =>
* status: assigned => closed
* version: 5.4.1 =>
* resolution: => invalid
* milestone: Awaiting Review =>
Comment:
Hi @marcorinia,
Welcome to Trac!
Thanks for this ticket. I am not seeing any actionable items here. Without
being able to identify a specific problem that we are trying to solve,
it's not really feasible to explore changes to make. If there are specific
attack vectors, then those should be detailed and disclosed responsibly to
the security team.
As for the security policy, you can find a detailed breakdown of the
project's security policy here: https://wordpress.org/about/security/. The
best place to disclose security vulnerabilities is on the project's
HackerOne: https://hackerone.com/wordpress
--
Ticket URL: <https://core.trac.wordpress.org/ticket/50308#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list