<<< Date Index >>>     <<< Thread Index >>>

Re: Wordpress File Inclusion

------------- wp-include/functions.php line:2166 ------------------
function load_template($file) {
global $posts, $post, $wp_did_header, $wp_did_template_redirect, $wp_query, 
       $wp_rewrite, $wpdb;

   extract($wp_query->query_vars);

   require_once($file);
}
-----------------------------------------------------------------
you cannot control a variable directly into a function. so this is not a vulnerability 

Cheers

Expanders