WordPress.org

Ready to get started?Download WordPress

Forums

WordPress Sphinx Search Plugin
Using the "upload" directory is not secure (1 post)

  1. amartynov
    Member
    Posted 1 year ago #

    I noticed that by default the plugin places logs, indexes and (what most important) cron php scripts into the "upload" directory which is accessible from the outside world.

    For example, an attacker can perform a DoS attack by invoking requesting cron_update* scripts fast enough!

    http://wordpress.org/extend/plugins/wordpress-sphinx-plugin/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags

No tags yet.