.htaccess to prevent wp-pass.php redirects

Jul 10, 2007 By Jan Dembowski in Software 1 Comment Tags: apache, security, WordPress

See the BUGTRAQ explanation here. By passing arguments to wp-pass.php, the wp-pass.php file will send the requesting browser to the URL that wp_http_refferer points to. By using a simple script the WordPress installation is easily verified as susceptible.

Mostly Harmless

Mostly about my amusement

.htaccess to prevent wp-pass.php redirects

July 2007
S	M	T	W	T	F	S
« Jun				Aug »
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31