Support » Fixing WordPress » When is this vulnerablility going to be fixed

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator James Huff

    (@macmanx)

    Volunteer Moderator

    Would you please discuss these things with the developers, rather than posting them on a public forum, so that the good people here don’t panic, and the bad people here don’t run off to test this exploit on unsuspecting blogs? This is just simple plea to the many who have posted about this today. Please use some common sense!

    Now, please read through this post: http://wordpress.org/support/topic/41464#post-233351

    If your server has register_globals disabled (which it should as a default security precaution), then you are not vulnerable to this exploit.

    When your host turns register_globals off like it should be.

    If your ISP is unable (or unwilling) to run apache with register globals switched off, simply add this to your .htaccess file in the root folder of your WordPress installation:

    php_flag register_globals off

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘When is this vulnerablility going to be fixed’ is closed to new replies.