Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#23078 closed defect (bug) (invalid)

report on vulneribility in wordpress main site

Reported by: coolwashere Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: WordPress.org site Keywords:
Focuses: Cc:


It asks for login in this link https://core.trac.wordpress.org/login when we press cancel there wil be a page with 401 authorization required error followed by version Apache Server at core.trac.wordpress.org Port 443 .

Attacker can use these details to exploit the site so try to fix it up .

-Thank you

Change History (2)

#1 @nacin
5 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

Again, when you created this ticket:

Do not report potential security vulnerabilities here. Read the Security FAQ and email us at security@….

That said, this is standard HTTP Authorization. Nothing vulnerable about it.

#2 @SergeyBiryukov
5 years ago

  • Component changed from General to WordPress.org site
  • Keywords needs-patch removed
  • Severity changed from critical to normal
  • Version trunk deleted
Note: See TracTickets for help on using tickets.