On Mar/14, Markus Koschany wrote: > > So my whole rationale for adding this one in and going against what > > WPScan said is purely 40176 is in the 4.1 branch of the upstreams > > svn. Looking at the relevant file it does look like it does things > > and not dead or unreachable code, so I think 4.1 is vulnerable, but > > PHP code is horrible to debug for that sort of thing. > > Thanks for the explanation. That makes sense.
I've updated the tracker accordingly. Cheers, --Seb
