Results 1 to 8 of 8

Thread: XSS attack is possible on the theme

December 18th, 2013 #1

rinormazreku

Thread Starter

Join Date

Dec 2013

Location

Sweden

Posts

125

Thanks

19

Thanked 0 Times in 0 Posts

XSS attack is possible on the theme
Hi,
I just started to use this and discovered that it is possible to preform an XSS attack on the theme. You can put your own javascript code when you do a post or when you leave a reply on a post.
All inputs must me escaped before they are saved on the database.
regards

Reply With Quote
December 19th, 2013 #2

samcy

Join Date

Mar 2012

Location

Germany

Posts

12,098

Thanks

121

Thanked 1,756 Times in 1,442 Posts

You must be an AppThemes customer and logged in to view this response. Join today!

Rolf Hassel (Samcy)

Reply With Quote
December 21st, 2013 #3

gautamedu

Expired Customer

Join Date

Oct 2013

Location

Australia

Posts

10

Thanks

0

Thanked 0 Times in 0 Posts

You must be an AppThemes customer and logged in to view this response. Join today!

Reply With Quote
December 21st, 2013 #4

gautamedu

Expired Customer

Join Date

Oct 2013

Location

Australia

Posts

10

Thanks

0

Thanked 0 Times in 0 Posts

You must be an AppThemes customer and logged in to view this response. Join today!

Reply With Quote
December 21st, 2013 #5

gautamedu

Expired Customer

Join Date

Oct 2013

Location

Australia

Posts

10

Thanks

0

Thanked 0 Times in 0 Posts

You must be an AppThemes customer and logged in to view this response. Join today!

Reply With Quote
December 22nd, 2013 #6

samcy

Join Date

Mar 2012

Location

Germany

Posts

12,098

Thanks

121

Thanked 1,756 Times in 1,442 Posts

You must be an AppThemes customer and logged in to view this response. Join today!

Rolf Hassel (Samcy)

Reply With Quote
December 22nd, 2013 #7

gautamedu

Expired Customer

Join Date

Oct 2013

Location

Australia

Posts

10

Thanks

0

Thanked 0 Times in 0 Posts

You must be an AppThemes customer and logged in to view this response. Join today!

Reply With Quote
December 22nd, 2013 #8

samcy

Join Date

Mar 2012

Location

Germany

Posts

12,098

Thanks

121

Thanked 1,756 Times in 1,442 Posts

You must be an AppThemes customer and logged in to view this response. Join today!

Rolf Hassel (Samcy)

Reply With Quote

« Parse error: syntax error, unexpected '?' in /home/cheche/public_html/wp-content/them | BUG: Geocode Not Updating on Address Change »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

unhooking or removing default theme-action.php actions using child theme

By almightyeric in forum ClassiPress General Discussion

Replies: 5
Last Post: February 17th, 2016, 07:29 AM
Huge attack on WordPress sites

By shunarjuna in forum WordPress General Discussion

Replies: 3
Last Post: April 17th, 2013, 12:48 AM
Will I loose all my parent theme configuration settings if i install child theme ?

By krreddy in forum WordPress General Discussion

Replies: 2
Last Post: October 18th, 2012, 02:21 PM
how can I change the theme colour to white instead of choosing the theme colours prov

By etnivre80 in forum ClassiPress General Discussion

Replies: 2
Last Post: May 27th, 2012, 12:41 PM
The Attack Of The Monster Slugs

By valance in forum Report ClassiPress Bugs

Replies: 1
Last Post: December 30th, 2011, 10:38 PM

Thread: XSS attack is possible on the theme

Thread Tools

Search Thread

XSS attack is possible on the theme

Thread Information

Users Browsing this Thread

Similar Threads

unhooking or removing default theme-action.php actions using child theme

Huge attack on WordPress sites

Will I loose all my parent theme configuration settings if i install child theme ?

how can I change the theme colour to white instead of choosing the theme colours prov

The Attack Of The Monster Slugs