Support » Plugin: Admin username changer » [Plugin: Admin username changer] Security issue

  • Resolved Julio Potier

    (@juliobox)


    Hello

    Your plugin makes life easy for hackers because you do not use security nonce tokens.
    Also, the plugin sends you an email each time the plugin option page is visited, without user agreement, this is spam and forbidden.

    Read the codex to learn how to add nonces to your form/ajax.
    Btw, all websites do not starts with ‘http://www.’, check “parse_url()” php function.
    Also, check $wpdb->update() function.
    Last, what is JS is not activated, like on Screen Readers for blind people ?

    See you !

    http://wordpress.org/extend/plugins/admin-username-changer/

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Author yoshitech

    (@emcode)

    Thank you for your suggestions Julio.

    Email sending was in the plugin for maybe 5 minutes and i removed it immediately and sent an email to the webmaster of the url that was sent to me – to uninstall it and re install the new clean one.

    I’ll make the changes you suggested in the next release.
    Greets

    Thank you emcode, i’ll be here 😉

    Plugin Author yoshitech

    (@emcode)

    The new version is in the tags folder, 1.1 🙂

    Check it out and let me know what you think, and then i’ll release it.

    Greets!

    Great news!
    But the actual trunk version is 1.0
    Change Stable tag: 1.1 to Stable tag: trunk in readme.txt file

    Plugin Author yoshitech

    (@emcode)

    DOne 🙂

    Is it possible to install and activate, change the username, and then uninstall and delete for security?

    thanks

    Yes.

    Hello,

    What will happen to my posts if I change the admin user name? It’s currently the only user, and I have hundreds of posts. Will they be deleted?
    🙂

    Non, the username is not linked to posts, the ID is.

    Thank you. 🙂

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘[Plugin: Admin username changer] Security issue’ is closed to new replies.