Thread: wordpress security: *must read* exploit not fixed in 2.8.4
View Single Post
Old 10-20-2009, 06:34 PM  
fris
Too lazy to set a custom title
 
fris's Avatar
 
Industry Role:
Join Date: Aug 2002
Posts: 55,372
Quote:
Originally Posted by Argos88 View Post
the exploit is FIXED..

the problem you are referring to has to do with some permissions that a user can set. the problem you are referring to, can be more possible on mu if the admin doesn't know how to configure it.

If you are really secure, you should post it in the wp trac and not in GFY. However, again, this was fixed long ago.
this actually hasnt been fixed, i asked one of the core wordpress developers in a chat this morning, their is a fix if you edit a certain file, but if you download 2.8.4 from the site, the issue is not fixed.
__________________
Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.


WP Stuff
fris is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote