Make WordPress Core

Opened 2 years ago

Closed 2 years ago

#24561 closed defect (bug) (duplicate)

wp-settings does not check if ABSPATH is defined

Reported by: tivnet Owned by:
Milestone: Priority: normal
Severity: normal Version:
Component: General Keywords:
Focuses: Cc:


I believe, something like this should appear at the beginning of wp-settings.php:

if ( !defined('ABSPATH') ) {
  • Obviously, those lines won't work without the above validation:
require( ABSPATH . WPINC . '/load.php' );
  • With php display errors turned on, calling this file directly may reveal some sensitive information.

Change History (1)

#1 @ocean90
2 years ago

  • Keywords needs-patch removed
  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Duplicate of #10367.

Note: See TracTickets for help on using tickets.