GetSimple Support Forum GetSimple Plugins v
GSconfig UI [v0.3]

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Thread Modes
GSconfig UI [v0.3]
Tyblitz Offline
Senior Member
****
Posts: 305
Threads: 15
Joined: Mar 2014
#34
2015-05-29, 20:45:06 (This post was last modified: 2015-05-29, 21:49:45 by Tyblitz.)
Big security flaw with GSLOGINSALT.
To all who install, please comment out line 31:

Code:
add_action('successful-login-start', 'gsconfig_ui_setpwd');

I didn't test this with random usernames & passwords, and it turns out any newly set password is saved, even by a random user.  I'll release GSconfig UI 0.2.2 without this hook and setting login salts will be as troublesome as before, but at least security won't be compromised. I'll try to figure something out later to make it work properly. Is there any way to 'suspend' file downloads in Extend?


EDIT: Fixed. Smile
Custom Settings & Components Extended | webketje.com
Website Find
Reply


Messages In This Thread
GSconfig UI [v0.3] - by Tyblitz - 2015-05-20, 10:33:57
RE: GSconfig UI [v0.1 out!] - by Tyblitz - 2015-05-22, 22:52:45
RE: GSconfig UI [v0.1 out!] - by shawn_a - 2015-05-22, 23:17:14
RE: GSconfig UI [v0.1 out!] - by Tyblitz - 2015-05-23, 00:10:32
RE: GSconfig UI [v0.1 out!] - by shawn_a - 2015-05-23, 01:07:57
RE: GSconfig UI [v0.1 out!] - by Oleg06 - 2015-05-23, 05:55:54
RE: GSconfig UI [v0.1 out!] - by Tyblitz - 2015-05-23, 09:07:14
RE: GSconfig UI [v0.1 out!] - by shawn_a - 2015-05-23, 09:53:57
RE: GSconfig UI [v0.1 out!] - by Tyblitz - 2015-05-23, 11:09:27
RE: GSconfig UI [v0.1 out!] - by shawn_a - 2015-05-24, 03:32:20
RE: GSconfig UI [v0.1 out!] - by shawn_a - 2015-05-24, 03:40:43
RE: GSconfig UI [v0.1 out!] - by datiswous - 2015-05-24, 05:23:46
RE: GSconfig UI [v0.1 out!] - by shawn_a - 2015-05-24, 06:21:05
RE: GSconfig UI [v0.1 out!] - by Tyblitz - 2015-05-24, 08:52:20
RE: GSconfig UI [v0.1 out!] - by datiswous - 2015-05-24, 10:54:51
RE: GSconfig UI [v0.1 out!] - by shawn_a - 2015-05-24, 10:52:53
RE: GSconfig UI [v0.1 out!] - by Tyblitz - 2015-05-24, 12:23:34
RE: GSconfig UI [v0.1 out!] - by datiswous - 2015-05-24, 12:30:32
RE: GSconfig UI [v0.1 out!] - by Tyblitz - 2015-05-26, 23:47:10
RE: GSconfig UI [v0.2 out] - by Oleg06 - 2015-05-27, 03:47:22
RE: GSconfig UI [v0.2 out] - by Tyblitz - 2015-05-27, 05:54:11
RE: GSconfig UI [v0.2 out] - by Oleg06 - 2015-05-27, 06:28:52
RE: GSconfig UI [v0.2 out] - by Tyblitz - 2015-05-27, 07:03:40
RE: GSconfig UI [v0.2 out] - by Oleg06 - 2015-05-27, 08:35:23
RE: GSconfig UI [v0.2 out] - by Tyblitz - 2015-05-27, 10:07:28
RE: GSconfig UI [v0.2 out] - by Oleg06 - 2015-05-27, 17:03:00
RE: GSconfig UI [v0.2 out] - by Tyblitz - 2015-05-27, 17:52:51
RE: GSconfig UI [v0.2.1 out] - by Oleg06 - 2015-05-27, 21:56:16
RE: GSconfig UI [v0.2.1 out] - by Tyblitz - 2015-05-28, 02:01:06
RE: GSconfig UI [v0.2.1 out] - by shawn_a - 2015-05-28, 02:11:50
RE: GSconfig UI [v0.2.1 out] - by Tyblitz - 2015-05-28, 03:14:05
RE: GSconfig UI [v0.2.1 out] - by shawn_a - 2015-05-28, 03:38:06
RE: GSconfig UI [v0.2.1 out] - by Tyblitz - 2015-05-29, 20:45:06
RE: GSconfig UI [v0.2.2 out] - by Tyblitz - 2015-05-30, 23:37:51
RE: GSconfig UI [v0.2.1 out] - by datiswous - 2015-06-11, 03:23:15
RE: GSconfig UI [v0.2.1 out] - by Tyblitz - 2015-10-05, 04:08:11
RE: GSconfig UI [v0.3] - by ReBo - 2015-10-19, 08:07:26
RE: GSconfig UI [v0.3] - by Tyblitz - 2015-10-19, 08:57:08
RE: GSconfig UI [v0.3] - by datiswous - 2016-04-28, 22:20:06
RE: GSconfig UI [v0.3] - by shawn_a - 2016-04-29, 03:23:19
RE: GSconfig UI [v0.3] - by datiswous - 2016-04-29, 19:38:39
RE: GSconfig UI [v0.3] - by shawn_a - 2016-04-29, 23:14:52
RE: GSconfig UI [v0.3] - by datiswous - 2016-04-30, 06:46:45
RE: GSconfig UI [v0.3] - by shawn_a - 2016-04-30, 07:10:46
RE: GSconfig UI [v0.3] - by shawn_a - 2016-05-02, 00:35:33
RE: GSconfig UI [v0.3] - by Tyblitz - 2016-05-06, 07:13:03
RE: GSconfig UI [v0.3] - by shawn_a - 2016-10-09, 09:43:09
RE: GSconfig UI [v0.3] - by Tyblitz - 2016-10-16, 08:17:28



Users browsing this thread: 2 Guest(s)