Support Forum

Advanced Search
Forum Scope


Match



Forum Options



Minimum search word length is 3 characters - maximum search word length is 84 characters
general-topic
Recent XSS Vulnerability any cause for concern?
Avatar
jim
Here and Now
Member
Pro Subscribers
sp_UserOfflineSmall Offline
Apr 26, 2015 - 1:43 pm

I'm certain you guys are conforming to secure coding practices, or you are on top of this... but I just wanted to make sure there is no cause for concern with the current version of SimplePress, considering the recent XSS vulnerability identified regarding proper use of add_query_arg() and remove_query_arg() functions.

Security Advisory: XSS Vulnerability Affecting Multiple WordPress Plugins

TripawdsSimple:Press powers the Tripawds Discussion Forums.

It's better to hop on three legs than to limp on four.

The Tripawds Blogs Community is made possible by The Tripawds Foundation.

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
Apr 26, 2015 - 1:46 pm

nope, not an issue...  a survey was done before the 5.5.6 release on that very topic...

and actually, it wasnt improper coding, but wrong wp docs on their codex saying wp handled the sanitization, but it didnt...

in our case, we did the sanitization ourselves already...  think we changed one use in the admin, but it wasnt coming from user input anyway, so not an issue...

Avatar
jim
Here and Now
Member
Pro Subscribers
sp_UserOfflineSmall Offline
Apr 26, 2015 - 2:14 pm

I figured that much, thanks for the confirmation!

TripawdsSimple:Press powers the Tripawds Discussion Forums.

It's better to hop on three legs than to limp on four.

The Tripawds Blogs Community is made possible by The Tripawds Foundation.

Avatar
Mr Papa
Simi Valley, CA
SP Master
Free Members
sp_UserOfflineSmall Offline
Apr 26, 2015 - 2:27 pm

glad to help...

Forum Timezone: Europe/Stockholm
Most Users Ever Online: 1170
Currently Online:
Guest(s) 1
Currently Browsing this Page:
1 Guest(s)
Top Posters:
Mr Papa: 19448
Ike: 2086
Brandon: 864
kvr28: 804
jim: 650
FidoSysop: 577
Conrad_Farlow: 531
fiddlerman: 358
Stefano Prete: 325
Member Stats:
Guest Posters: 620
Members: 17365
Moderators: 0
Admins: 4
Forum Stats:
Groups: 7
Forums: 17
Topics: 10128
Posts: 79626