Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://infosec.exchange/users/mttaggart/statuses/113551304851131242">Taggart :donor: (mttaggart@infosec.exchange)'s status on Wednesday, 27-Nov-2024 23:09:26 JST</a><a href="https://infosec.exchange/@mttaggart" title="mttaggart@infosec.exchange"><img src="https://gnusocial.jp/avatar/117593-48-20241114173111.webp" width="48" height="48" alt="Taggart :donor:" style="position: absolute; left: 0; top: 0;">Taggart :donor:</a><div><a href="https://mastodon.social/@Viss/113551291586886949" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/30576" title="da_667@infosec.exchange">da_667</a></li><li><a href="https://gnusocial.jp/user/138318" title="joshbressers@infosec.exchange">Josh Bressers</a></li></ul></div></section><article><p><a href="https://mastodon.social/@Viss" rel="nofollow noreferrer">@Viss</a> <a href="https://infosec.exchange/@da_667">@da_667</a> <a href="https://infosec.exchange/@joshbressers">@joshbressers</a> I can't get there. I've done as much WordPress as anyone, and the security model from the jump was patently wacky.</p><p>The admin dashboard has a PHP editor. That's not tacked-on; that is the default. That's leaving aside nonsense like xmlrpc.php brute forcing. </p><p>It has a great design editor and a great text editor. But the security of the application was from the starting point a liability.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4076295#notice-7973540">In conversation</a><time datetime="2024-11-27T23:09:26+09:00" title="Wednesday, 27-Nov-2024 23:09:26 JST">about 2 months ago</time> <span>from <span><a href="https://infosec.exchange/@mttaggart/113551304851131242" rel="external" title="Sent from infosec.exchange via ActivityPub">infosec.exchange</a></span></span><a href="https://infosec.exchange/@mttaggart/113551304851131242">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Taggart :donor: (mttaggart@infosec.exchange)'s status on Wednesday, 27-Nov-2024 23:09:26 JSTTaggart :donor:
in reply to
@Viss @da_667 @joshbressers I can't get there. I've done as much WordPress as anyone, and the security model from the jump was patently wacky.
The admin dashboard has a PHP editor. That's not tacked-on; that is the default. That's leaving aside nonsense like xmlrpc.php brute forcing.
It has a great design editor and a great text editor. But the security of the application was from the starting point a liability.
In conversationabout 2 months ago from infosec.exchangepermalink

Public

Embed Notice

HTML Code

Corresponding Notice