WordPress.org

Support

Support » Requests and Feedback » Path Disclosure Vulnerability version 3.71

Path Disclosure Vulnerability version 3.71

  • Path Disclosure Vulnerability version 3.71

    Affected files:

    wp-includes/registration-functions.php
    wp-admin/admin-functions.php
    wp-admin/upgrade-functions.php
    wp-includes/class-snoopy.php
    wp-includes/registration.php
    wp-includes/rss-functions.php
    wp-includes/rss.php
    wp-includes/theme-compat/comments-popup.php
    wp-includes/theme-compat/comments.php
    wp-includes/theme-compat/footer.php
    wp-includes/theme-compat/header.php
    wp-includes/theme-compat/sidebar.php
    wp-includes/shortcodes.php

    Repair method:

    ini_set(‘display_errors’, false);

    Turn off in php.ini error Mode: set in php.ini display_error = Off.
    Beginning of the file in the above affected by adding the following code:

    if ( !defined( ‘ABSPATH’ ) )
    {
    header( ‘HTTP/1.1 403 Forbidden’, true, 403 );
    die (‘Please do not load this page directly. Thanks!’);
    }

Viewing 1 replies (of 1 total)
  • esmi

    @esmi

    Forum Moderator

    This is a server issue – not a WordPress one.

Viewing 1 replies (of 1 total)
  • The topic ‘Path Disclosure Vulnerability version 3.71’ is closed to new replies.
Skip to toolbar