WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #48850, comment 96


Ignore:
Timestamp:
02/07/2020 05:08:54 PM (21 months ago)
Author:
SergeyBiryukov
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #48850, comment 96

    initial v1  
    22> To prevent `malicious-plugin` from messing what's offerer to  `good-honest-plugins`, do we need to use PHP Reflections to limit filters running on the the plugin to the plugin itself. This is super complex I know but keep in mind the offered file can be changed from wp.org to malicious.org via filters. This is perhaps a topic for another time.
    33
    4 That sounds like it would apply to core updates too. Basically, any installed plugin can could do pretty much anything to the site and its database, even without messing with another plugin's updates.
     4That sounds like it would apply to core updates too. Basically, any installed plugin can do pretty much anything to the site and its database, even without messing with another plugin's updates.