WordPress.org

Ready to get started?Download WordPress

Forums

Securit Bug Found (I think) (2 posts)

  1. aio
    Member
    Posted 6 years ago #

    Wehn you go directly to this URL:

    /wp-admin/plugins.php?activate=true

    You can see the plugins and activate and deactive plugins WITHOUT LOGGING IN!!!!

    If you then go to

    /wp-login.php

    It asks you for your login normally.

    This looks like a serious security issue

    Same is true for =false

  2. Roy
    Member
    Posted 6 years ago #

    My 2.5 installation just redirects me to the login page.
    Btw. If you're really still in the 2.2 series, I'd suggest you'd upgrade for a number of reasons.

Topic Closed

This topic has been closed to new replies.

About this Topic