Prevent direct loading of files that require WP to be loaded
|Reported by:||mdawaffe||Owned by:||ryan|
There was some talk about this a while back, but I can't find any tickets.
Idea: add if ( !defined( 'ABSPATH' ) ) die(); to all files that should not be directly loaded.
Attached implements this for all files in wp-admin/ (except for the FTP classes).
Change History (4)
- Component changed from General to Security
- Owner changed from anonymous to ryan
- Priority changed from normal to lowest
- Severity changed from normal to trivial
- Keywords 2nd-opinion removed
- Resolution set to wontfix
- Status changed from new to closed