WordPress.org

Ready to get started?Download WordPress

Forums

Members
[resolved] Insufficient Security (4 posts)

  1. preciadojacob
    Member
    Posted 2 years ago #

    I am using, well not was using, this plug-in on a site I was building for a client. It so happened that somehow the plug-in locked me out of my own dashboard, and revoked all of my administrative privileges. After frantically searching for a resolution, I succeed at retracting the changes the plug-in administered to my user account. But what I received upon reentering my dashboard was a feeling of shear horror, instead of relief which I had hoped for. Someone had created an administrator account during my absence, and deleted all of my site content. Luckily I had created a backup on my server for the site. I would refrain from using this plug-in until the security issues have been resolved.

    http://wordpress.org/extend/plugins/members/

  2. Justin Tadlock
    Member
    Plugin Author

    Posted 2 years ago #

    So, you basically locked yourself out of your own site because you didn't properly follow the instructions, somehow your site got hacked during that time, and you decided to blame the plugin? Does that about sum it up?

  3. preciadojacob
    Member
    Posted 2 years ago #

    Well actually I fallowed all of pluggin sites instructions exactly. This is the first time I have ever experienced any kind of security issue with any wordpress pluggin. I am sure the team and or individual who created the pluggin did not inted for it to happen. It pry has not been out long enough to release a version with all of the bugs fixed.

  4. Justin Tadlock
    Member
    Plugin Author

    Posted 2 years ago #

    Well actually I fallowed all of pluggin sites instructions exactly.

    No, no you didn't. If you locked yourself out of your site, you most certainly didn't follow the instructions exactly.

    This is the first time I have ever experienced any kind of security issue with any wordpress pluggin. I am sure the team and or individual who created the pluggin did not inted for it to happen.

    What's the security issue? Just because your site got hacked while you had this plugin installed does not mean there's a security issue with the plugin.

    It pry has not been out long enough to release a version with all of the bugs fixed.

    What bugs? Explain in detail.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags