Securit Bug Found (I think)

  • Wehn you go directly to this URL:

    /wp-admin/plugins.php?activate=true

    You can see the plugins and activate and deactive plugins WITHOUT LOGGING IN!!!!

    If you then go to

    /wp-login.php

    It asks you for your login normally.

    This looks like a serious security issue

    Same is true for =false

Viewing 1 replies (of 1 total)

  • My 2.5 installation just redirects me to the login page.
    Btw. If you’re really still in the 2.2 series, I’d suggest you’d upgrade for a number of reasons.

Viewing 1 replies (of 1 total)
  • The topic ‘Securit Bug Found (I think)’ is closed to new replies.