Skip to:
Content
Pages
Categories
Search
Top
Bottom

Re: Is there a backdoor in WPMU/Buddypress?


Andy Peatling
Keymaster

@apeatling

14 years, 1 month ago

I’ve already answered this question.

If you have a spammer with admin access on a blog, they can add new users to that blog. They are then new users in the system since WPMU shares a global users table. So essentially once a spammer has a blog they can get others in.

This is simply the way WPMU works, and if I try and change that, people shout and scream at me. The reality is, if you want to use WordPress MU and BuddyPress along with it, you are going to have to manage this somehow. Otherwise, just use standard WordPress since it doesn’t have these issues.

Forums

Views

Feeds

Tags

404 activation Activity activity activity stream admin admin bar ajax avatar avatars bbPress blog blogs Buddypress buddypress bug child theme comments css custom directory edit email error facebook fatal error filter forum forums friends group groups header help installation link links login member members menu message Messages multisite navigation notification notifications page pages php plugin plugins post posts privacy private problem profile Profile Fields profiles redirect register registration search sidebar spam template theme themes update upgrade upload URL user username users widget widgets wordpress xprofile
Skip to toolbar