[wp-trac] [WordPress Trac] #55536: Make sure wp_generate_password() never generates a string containing 0x to prevent blocking from mod_security
WordPress Trac
noreply at wordpress.org
Thu Apr 7 08:01:17 UTC 2022
#55536: Make sure wp_generate_password() never generates a string containing 0x to
prevent blocking from mod_security
--------------------------+------------------------------
Reporter: ReneHermi | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: normal | Resolution: invalid
Keywords: | Focuses:
--------------------------+------------------------------
Changes (by ReneHermi):
* status: new => closed
* resolution: => invalid
Comment:
> is this issue occurring on the current release of mod security?
I could not test this as it is a client-server
> if a password begins with 0x... does the module prevent users from
logging in?
No, this works. I verified it a moment ago. So, this does not seem to
affect the wp core as I initially thought and seems to be a rare edge
case. I am closing the ticket.
Thanks @peterwilsoncc
--
Ticket URL: <https://core.trac.wordpress.org/ticket/55536#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list