WordPress.org

Forums

WordPress Sphinx Search Plugin
Using the "upload" directory is not secure (1 post)

  1. amartynov
    Member
    Posted 3 years ago #

    I noticed that by default the plugin places logs, indexes and (what most important) cron php scripts into the "upload" directory which is accessible from the outside world.

    For example, an attacker can perform a DoS attack by invoking requesting cron_update* scripts fast enough!

    http://wordpress.org/extend/plugins/wordpress-sphinx-plugin/

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • WordPress Sphinx Search Plugin
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic

Tags

No tags yet.