KatrinaT
Forum Replies Created
-
Forum: Themes and Templates
In reply to: [Escapade] Tagline – Text Color Not DisplayingThank you!!!
Forum: Installing WordPress
In reply to: 404 Error in German on an English siteThanks Mark – turns out is was one of the plugins! Katrina
Forum: Installing WordPress
In reply to: 404 Error in German on an English siteHi Mark, Yes I used Google translate to convert the error message in to English. The URL is http://blog.jstreettech.com. I have been successful in posting new “test” posts, but the error message (displaying in German) is always at the top of the page. We have checked the log files for any resource issues and there are none and we rebooted the servers. Thanks, Katrina
Forum: Fixing WordPress
In reply to: Can’t find is_admin() function in query.phpHi,
We are experiencing the same issue. We are running WordPress 2.9.2 but Security Metrics is still failing us because of:
Synopsis : The remote web server contains a PHP application that is affected by an information disclosure issue. Description : The version of WordPress on the remote host does not properly check for administrative credentials in the ‘is_admin()’ function in ‘wp-includes/query.php’. Using a specially-crafted URL that contains the string ‘wp-admin/’, an attacker may be able to leverage this issue to view posts for which the status is classified as ‘future’, ‘draft’, or ‘pending’, which would otherwise be available only to authenticated users. See also : http://www.securityfocus.com/archive/1/4 85160/30/0/threaded http://trac.wordpress.org/ticket/5487 Solution: Unknown at this time.Help please!
Forum: Fixing WordPress
In reply to: PCI scan FailingHi,
I am having the same issue- Security Metrics is failing my PCI Complaince on our e-commmerce web site. I upgraded our WordPress version to 2.9.2 yesterday. Ran a new SM scan and we are still failing for the same reason:
Description : The version of WordPress on the remote host does not properly check for administrative credentials in the ‘is_admin()’ function in ‘wp-includes/query.php’. Using a specially-crafted URL that contains the string ‘wp-admin/’, an attacker may be able to leverage this issue to view posts for which the status is classified as ‘future’, ‘draft’, or ‘pending’, which would otherwise be available only to authenticated users. See also : http://www.securityfocus.com/archive/1/4 85160/30/0/threaded http://trac.wordpress.org/ticket/5487 Solution: Unknown at this time. Risk Factor: Medium / CVSS Base Score : 4.3 (CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N) BID : 26885 Other references : OSVDB:39518, Secunia:28130 [More]Any thoughts on how to fix this would be great!
Thanks,
Katrina