WP Tavern › Forums › Create Topic
Plugin Vulnerabilities The story should make it more clear the claim here is that the vulnerability would only be exploitable by an attacker with access to a WordPress account with the Contributor role or above, making this is of limited concern. It seems like it is outside of a web host’s role to be blocking access to certain types of files in certain directories. Managed WordPress hosting could be an exception for that. If the restriction is on calling .php files, depending on the server setup, an attacker could get around that as well.
Plugin Vulnerabilities
The story should make it more clear the claim here is that the vulnerability would only be exploitable by an attacker with access to a WordPress account with the Contributor role or above, making this is of limited concern.
It seems like it is outside of a web host’s role to be blocking access to certain types of files in certain directories. Managed WordPress hosting could be an exception for that. If the restriction is on calling .php files, depending on the server setup, an attacker could get around that as well.
Name *
Email *
Website:
Topic Title (Maximum Length: 80):
Forum: — No forum —AI and WordPress Articles Blocks Showcase Discussions Events Introductions Jobs and Working in WordPress Podcast Episodes Site and Block Editor
Enter your email address to subscribe to this blog and receive notifications of new posts by email.
Email Address
Submit
Enter the destination URL
Or link to existing content