Using the "upload" directory is not secure
-
I noticed that by default the plugin places logs, indexes and (what most important) cron php scripts into the “upload” directory which is accessible from the outside world.
For example, an attacker can perform a DoS attack by invoking requesting cron_update* scripts fast enough!
https://www.ads-software.com/extend/plugins/wordpress-sphinx-plugin/
- The topic ‘Using the "upload" directory is not secure’ is closed to new replies.
