WordPress.org

Ready to get started?Download WordPress

Forums

Possible SECURITY ALERT?? - WordPress User Privilege Escalation (10 posts)

  1. cnm
    Member
    Posted 8 years ago #

    feel free to move this if there is a better section

    I just got wind of this : http://www.securityspace.com/smysecure/catid.html?id=55451

    is there reason for concern for the general wordpress populace?

  2. vkaryl
    Member
    Posted 8 years ago #

    Gee, I don't know....

    I'd feel better about things like this if they at least spelled words correctly: "priviledge" is actually spelled "privelege" (note, please, that this is not YOUR mistake, it's the mistake of the site you got your info from....)

  3. cnm
    Member
    Posted 8 years ago #

    yes... but spelling aside, can we concern ourselves with the issue at hand

  4. Beel
    Member
    Posted 8 years ago #

    Yuk, yuk... it's "privilege" ;-)

  5. jaseone
    Member
    Posted 8 years ago #

    Only reason to be concerned is if you don't trust your authors and they are quite technically savvy, read through the ticket that was logged in trac for more information:

    http://trac.wordpress.org/ticket/1663

  6. cnm
    Member
    Posted 8 years ago #

    thank you for the helpful input Jaseone

  7. angsuman
    Member
    Posted 8 years ago #

    The problem hasn't been solved yet. In fact it is more serious than described above. You don't even need javascript enabled. Read the ticket and comments for details.

  8. Mark (podz)
    Support Maven
    Posted 8 years ago #

    For those of us with a single user, this bug means nothing though.

  9. angsuman
    Member
    Posted 8 years ago #

    Unless you allow new registrations...

  10. NyteOwl
    Member
    Posted 8 years ago #

    As an off topic fyi, it isn't privelege either. It's privilege derived from the latin privilegium.

    More on topic, it's always good to keep potential security problems in mind, even minor ones.

Topic Closed

This topic has been closed to new replies.

About this Topic