Comments Security Hole!!

What should I call it? A bug, or something insecure and open to abuse? A few days ago I started noticing that some WordPress blogs, by default, approve regular readers' comments without moderation. Once the blog administrator has moderated one comment from an email ID, later comments from that email ID no longer wait for moderation and are approved instantly. Some people moderate every comment. That's good, and it works perfectly.

But on blogs whose owners haven't changed WordPress's default options, I've noticed that commenting with someone else's email ID is damn easy. That means anyone can misuse someone's email ID on blogs where there is no such moderation. For instance, I could comment under the ID of anyone who has ever commented on my blog, for example from Zain's email ID.

I think every blogger should enable comment moderation to avoid any future misuse. I am not looking at this from the other side, and I never intend to misuse this functionality; I just wanted to inform others about this automatic behaviour. WordPress should fix this security hole so that this is no longer possible.
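A simplified model of the approval decision described above, added here as an illustration; it is not WordPress's code, and the names `decide` and `moderate_all` and the sample addresses are assumptions made for the example. It shows that the default trusts whatever email ID is typed into the form, while moderating every comment holds the same comment for review.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Comment:
    author: str  # name typed into the comment form, never verified
    email: str   # email ID typed into the comment form, never verified
    text: str

def decide(comment, approved_emails, moderate_all=False):
    """Return 'held' or 'approved' for a newly submitted comment."""
    if moderate_all:
        return "held"  # the admin reviews every comment
    # Default behaviour as the post describes it: one earlier approved
    # comment from this email ID is enough. Nothing proves that the
    # submitter owns the address; it is a string comparison.
    if comment.email.strip().lower() in approved_emails:
        return "approved"
    return "held"  # first comment from an unknown email ID

def published_without_review(comments, approved_emails, moderate_all=False):
    """Comments that would go live with no administrator looking at them."""
    return [c for c in comments
            if decide(c, approved_emails, moderate_all) == "approved"]

# Constructed sample data (not taken from any real blog).
APPROVED_EMAILS = {"zain@example.com"}  # Zain's first comment was approved once
BORROWED = Comment("zain", "Zain@Example.com", "typed by someone else")
NEWCOMER = Comment("sam", "sam@example.com", "first comment here")

if __name__ == "__main__":
    for moderate_all in (False, True):
        live = published_without_review([BORROWED, NEWCOMER],
                                        APPROVED_EMAILS, moderate_all)
        print(f"moderate_all={moderate_all}: live without review ->",
              [c.author for c in live])
```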

2 thoughts on “Comments Security Hole!!”

  1. zain says:

    This comment is not made by Zain, but by me….. 😛
    I used his e-mail id. And this thing wasn't in his notice. A big Security Hole!!!!!

    Enable Comments Moderation……

  2. Extenze says:

    thanks !! very helpful post!
