Community Support Forums

— WordPress® ( Users Helping Users ) —
http://www.primothemes.com/forums/

Exploit?

http://www.primothemes.com/forums/viewtopic.php?f=4&t=193

Page 1 of 1

Exploit?

PostPosted: June 3rd, 2010, 5:17 pm
by Westendorf
Typing: ?feed=rss2 at the end of the URL of a blog with s2Member installed exposes all content, as far as I can tell.

Has this been addressed before? Is there a way to protect the RSS feed?

Re: Exploit?

PostPosted: June 3rd, 2010, 10:47 pm
by drbyte
looking at this issue!!! It does using IE, not in FireFox

Jason, can you please look into this issue and let us know

Thank you

Re: Exploit?

PostPosted: June 3rd, 2010, 11:01 pm
by drbyte
Ok I found a quick fix to this issue

Within your WordPress Admin page go to Settings------>Reading Settings------> and change For each article in a feed, show from Full Text to Summary

Delete your IE Cache and try again. It should work

Sam

Re: Exploit?

PostPosted: June 23rd, 2010, 5:57 pm
by Jason Caldwell
This is the intended behavior. However, I'm looking for ways to address this issue and make s2Member more secure in this regard. Please have a look at this thread, where I've discussed the reasoning behind it, and feel free to chime in and give me your opinions. viewtopic.php?f=4&t=231&p=866&hilit=feeds#p866
All times are UTC - 5 hours
Page 1 of 1
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/