Just updated one of my wp installs to 2.0.6 and I’ve got a question.
I was able to run wp-admin/upgrade.php without being logged in. Wouldn’t that be a security concern though? Granted it’s just the upgrade script but it’s accessable.
- The topic ‘Shouldn’t upgrade.php be secure?’ is closed to new replies.