kyle_t
Forum Replies Created
-
Forum: Themes and Templates
In reply to: $_GET['m'] for custom use instead of monthThe reason why it wasn’t letting you use ‘m’ as a GET variable is because it is already reserved by wordpress, see full list of reserved variable names here: http://codex.wordpress.org/Function_Reference/register_taxonomy#Reserved_Terms
“Avoiding the following reserved terms is particularly important if you are passing the term through the $_GET or $_POST array. Doing so can cause WordPress to respond with a 404 error without any other hint or explanation.”
Forum: Fixing WordPress
In reply to: Possible Security Vunerability: admin-bar.phpI don’t see any issue, as of now. Obviously these files are not supposed to be accessed directly, and accessing admin-bar.php directly doesn’t do much since the add_action() function is not defined within that file. (It is defined in wp-includes/plugin.php)
But I’m going way out on a limb here and saying maybe there is a plugin or some other malware that makes an edit to that file so that when that file is accessed directly it leads to a backdoor into wordpress admin. Again just speculation and also worst case scenario.
Forum: Fixing WordPress
In reply to: Possible Security Vunerability: admin-bar.phpI was able to recreate the error in the error logs with our ip by visiting /wp-includes/admin-bar.php directly, I did not try posting any data to it
I have to agree with another guy that the site is not hacked, it is just an attempt to exploit.Forum: Fixing WordPress
In reply to: Possible Security Vunerability: admin-bar.phpI have been noticing the same error coming through our logs. I am interested in any more information that you find about this attempted exploit.