WordPress.org

Make WordPress Core

Context Navigation

← Previous Ticket
Next Ticket →

Opened 4 years ago

Closed 4 years ago

#24561 closed defect (bug) (duplicate)

wp-settings does not check if ABSPATH is defined

Reported by:	tivnet	Owned by:
Milestone:		Priority:	normal
Severity:	normal	Version:
Component:	General	Keywords:
Focuses:		Cc:

Description

I believe, something like this should appear at the beginning of wp-settings.php:

if ( !defined('ABSPATH') ) {
 die;
}

Obviously, those lines won't work without the above validation:

require( ABSPATH . WPINC . '/load.php' );
...

With php display errors turned on, calling this file directly may reveal some sensitive information.

Change History (1)

#1 @ocean90
4 years ago

Keywords needs-patch removed
Milestone Awaiting Review deleted
Resolution set to duplicate
Status changed from new to closed

Duplicate of #10367.

Note: See TracTickets for help on using tickets.

Trac UI Preferences

Download in other formats: