<?xml version="1.0"?>
<entry xmlns="http://www.w3.org/2005/Atom"><title>Why You Should Never Trust Plugins</title><author><name>Matt Read</name></author><link rel="alternate" href="https://mattread.com/why-you-should-never-trust-plugin-authors"/><link rel="edit" href="https://mattread.com/why-you-should-never-trust-plugin-authors/atom"/><id>tag:mattread.com,2009:why-you-should-never-trust-plugin-authors/1261079779</id><updated>2009-12-18T22:35:23-05:00</updated><app:edited xmlns:app="http://www.w3.org/2007/app">2013-03-08T22:58:09-05:00</app:edited><published>2009-12-17T14:36:16-05:00</published><category term="security"/><content type="html">I apologize for this, but thought it would be fun. I hacked my own site! I must be good! I did this using an exploit found in a plugin for Habari. I plan on fixing this plugin very soon. If you are worried, use my [Contact Form][1] to contact me about it, and I'll let you know which plugin it is. Even better, if you feel like fixing something, let me know and you can fix it for me :D.&#xD;
&#xD;
**Update 2:** This has [now been fixed][2] in the [AutoSave plugin][3]. The exploit could allow any cracker to post to the vulnerable site without being an authenticated user. So if anyone is using AutoSave, you should **[update now][3]**.&#xD;
&#xD;
[1]: /contact&#xD;
[2]: http://habariproject.org/en/potential-security-issue-with-the-autosave-plugin&#xD;
[3]: http://habariproject.org/dist/plugins/autosave/autosave-0.6-0.1.2.zip</content></entry>
