Forums

WordPress › Support » Plugins and Hacks

[Plugin: Unfiltered MU] Is it secure if I'm the only one with Admin or Editor pemissions? (2 posts)

  1. mattloak
    Member
    Posted 2 years ago #

    I'm a little confused about what this plugin will do. The warning on the page says:

    Warning! This is a very dangerous plugin to activate if you have untrusted users on your site. Any user could add Javascript code to steal the login cookies of any visitor who runs a blog on the same site.

    but above that is says:

    Unfiltered MU gives Administrators and Editors the unfiltered_html capability.

    So if should the warning read "Any user that's an Admin or Editor..." or can any user really run unfiltered code?

    http://wordpress.org/extend/plugins/unfiltered-mu/

  2. Donncha O Caoimh
    Member
    Posted 1 year ago #

    Oh well, late reply but better late than never. It's dangerous because on an MU or multisite site an admin of a blog can be an untrusted user.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags