by wolfgang42 3195 days ago
Fortunately, shared hosts aren't likely to be vulnerable to this attack: in that case, the Host header will be used to identify which shared site to run, so if an attacker changes it they'll get a different site. This vulnerability is only a problem if WordPress is installed as the default site (or has a dedicated IP address), in which case unknown values of the Host header will be passed directly to it.
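The routing behaviour described in this comment, as an added example that is not part of the original comment: a simplified Python model of name-based virtual host selection that reports on which addresses a site is served for a Host header it was never configured with. The `VHost` fields, site labels, addresses, the reject-all catch-all and the first-vhost fallback rule are assumptions made for the illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class VHost:
    site: str               # label for the site (hypothetical)
    ip: str                 # address the vhost listens on
    names: tuple = ()       # Host names it is configured for
    default: bool = False   # explicitly marked default for its address
    reject: bool = False    # catch-all that refuses the request

def route(vhosts, ip, host_header):
    """Pick the vhost that handles a request sent to `ip` with this Host header."""
    on_ip = [v for v in vhosts if v.ip == ip]
    if not on_ip:
        return None
    # Strip an optional port and normalise case (IPv6 literals not handled here).
    name = host_header.split(":")[0].strip().lower().rstrip(".")
    for v in on_ip:
        if name in v.names:
            return v
    for v in on_ip:
        if v.default:
            return v
    return on_ip[0]  # assumption: first vhost defined for the address is the fallback

PROBE = "unknown-host.invalid"  # constructed name that no vhost is configured for

def receives_unknown_hosts(vhosts, site):
    """Addresses on which `site` is served for a Host header it was never given."""
    hits = []
    for ip in sorted({v.ip for v in vhosts}):
        chosen = route(vhosts, ip, PROBE)
        if chosen.site == site and not chosen.reject:
            hits.append(ip)
    return hits

# Constructed configurations (documentation addresses and names).
SHARED = [VHost("other-customer", "192.0.2.10", ("a.example",)),
          VHost("wordpress", "192.0.2.10", ("blog.example",))]
AS_DEFAULT = [VHost("wordpress", "192.0.2.10", ("blog.example",), default=True),
              VHost("other-customer", "192.0.2.10", ("a.example",))]
DEDICATED_IP = SHARED[:1] + [VHost("wordpress", "192.0.2.20", ("blog.example",))]
HARDENED = [VHost("catch-all", "192.0.2.20", default=True, reject=True),
            VHost("wordpress", "192.0.2.20", ("blog.example",))]

if __name__ == "__main__":
    for label, cfg in [("shared", SHARED), ("default site", AS_DEFAULT),
                       ("dedicated IP", DEDICATED_IP), ("hardened", HARDENED)]:
        print(f"{label:13} -> {receives_unknown_hosts(cfg, 'wordpress')}")
```

An empty list means unrecognised Host values never reach the WordPress site on any address; the `HARDENED` case gets there by putting a reject-all catch-all in the default position.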