The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 |
From: Moritz 'Morty' Strübe <mo...@gmx.net>
Date: Sun, 23 Sep 2007 10:35:41 +0100
Local: Sun, Sep 23 2007 5:35 am
Subject: [wp-hackers] Plugin update & security / privacy
I know this will not change until Monday, but is it really necessary to
transmit the URL? Wouldn't the md5 of the URL do? I know it's easy to find WP-Blogs via google. But imagine have them all nicely in a database - All of them. Including version, plugins and so on. If that database gets public and you find a security bug in one of the plugins - there are enough - you can start a _very_ effective attack! -> update.php:85 $http_request .= 'User-Agent: WordPress/' . Cheers _______________________________________________ You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
| |||||||||||||