Need help? Check out our Support site, then


Contributors can publish directly while not supposed to!

  1. Discovered the following security issue on WP.com.

    Anyone else has experienced it?

    [security issue redacted]

    Jean-Hugues Roy
    prof. UQAM, Montréal, QC, Canada

  2. I've flagged this thread for Staff attention.

  3. Thank you for letting us know - we are investigating and appreciate your thorough report.

    In future, it's safer for everyone if you don't post potential security issues publicly before a fix is in place. You can either use this form - http://automattic.com/security/ - or email security AT wordpress.com.

    Thanks very much.

  4. Thanks for that link Kathryn. I fired off an email.

  5. Thanks timethief and Kathryn!

    Sorry to do so publicly. The issue was unknown to peers.

    JHR

  6. We were able to reproduce the problem and it has now been fixed. You should no longer have such issues. Thanks for the detailed report, but please indeed contact us via our security page, should you ever find another such issue, as it's by far the fastest way for us to be made aware and deploy a fix.

    Best regards.

  7. @stephdau
    Is this a related issue here > http://en.forums.wordpress.com/topic/user-roles-error?replies=3

  8. Yes, that sounds like the same issue - thanks a lot, I'll reply there.

  9. Thanks for fixing the issue! I was not alone. You're fast! :-)

    JHRoy
    Montreal

  10. @jhroy
    You're welcome from me and I'm happy to know Staff fixed this so quickly. WordPress.com Staff rock!

  11. Thanks for the cross-link @timethief. Good catch, as per your usual. :)

    @jhroy: bienvenue, et merci encore pour le rapport. :)

Topic Closed

This topic has been closed to new replies.

About this Topic