Hi. Does anybody know what's the general opinion on disclosure of WordPress plugin vulnerabilities in these two sections: 1) unfiltered string parameter values - while magic_quotes are automatically turned on on WordPress >= 3.0 [1] installations 2) admin ones (requires access to the restricted admin area)
Kind regards. References: [1] http://kovshenin.com/archives/wordpress-and-magic-quotes/ -- Miroslav Stampar http://about.me/stamparm _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/