Thread: XSS attack is possible on the theme

  1. #1
    rinormazreku (Thread Starter)

    XSS attack is possible on the theme

    Hi,
    I just started to use this and discovered that it is possible to perform an XSS attack on the theme. You can put your own JavaScript code when you do a post or when you leave a reply on a post.
    All inputs must be escaped before they are saved in the database.
    Regards
