Mostly about my amusement

Tag: security

.htaccess to prevent wp-pass.php redirects

See the BUGTRAQ explanation here. By passing arguments to wp-pass.php, the wp-pass.php file will send the requesting browser to the URL that wp_http_refferer points to. By using a simple script the WordPress installation is easily verified as susceptible.