Facebook AWD All in one
[resolved] Cross-site Scripting (XSS) Attack (2 posts)

  1. GuiltyCol
    Member
    Posted 8 months ago #

    Every time I try to save the settings from the plugin screen, my web host automatically blocks my IP address for an hour! When I enquired why, this is the server log they sent:

    /wp-content/plugins/facebook-awd/js/jquery.cookie.js?ver=3.2.1

    Access denied with code 406 (phase 2). Pattern match "(?:\b(?:(?:type\b\W*?\b(?:text\b\W*?\b(?:j(?:ava)?|ecma|vb)|application\b\W*?\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\b.{0,100}?\bsrc)\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)|key(?:press|d ..." at REQUEST_FILENAME. [file "/usr/local/apache/conf/modsec2.user.conf"] [line "120"] [id "950004"] [msg "Cross-site Scripting (XSS) Attack"] [data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"]

    Has this plugin's code been compromised?

    http://wordpress.org/extend/plugins/facebook-awd/

  2. AHWEBDEV
    Member
    Posted 8 months ago #

    Hi, no, the jquery.cookie library is used to stay on the same tab when you submit the form settings.

    Your web host uses mod_security, and it's not compatible with this lib.

    You can disable this lib.
    Open the file AWD_facebook.php and comment out line 428:
    //wp_enqueue_script($this->plugin_slug.'-js-cookie',$this->plugin_url.'/js/jquery.cookie.js',array('jquery'));

    Then open /js/facebook_awd.js, comment out line 36, and remove the comma at the end of line 35:

    jQuery("#div_options_content_tabs").tabs({
    	fx: { opacity: 'toggle',duration:'fast'}
    	//cookie: { expires: 30 }
    });

    This will disable the cookie for tabs.
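
Added example (not part of the thread and not the plugin's code): a Python triage of the log entry quoted in the first post, showing that rule 950004 matched the string ".cookie" in the request path of jquery.cookie.js (REQUEST_FILENAME) rather than in a parameter or body. The static-extension list and the "likely false positive" heuristic are assumptions of this example, and the rule regex that the host's log truncated is replaced by a placeholder.

```python
import re

# Log entry and URL from the first post; the regex after "Pattern match" is
# replaced by a placeholder because the host's log truncated it.
REQUEST_URI = "/wp-content/plugins/facebook-awd/js/jquery.cookie.js?ver=3.2.1"
LOG_LINE = (
    'Access denied with code 406 (phase 2). Pattern match "..." at REQUEST_FILENAME. '
    '[file "/usr/local/apache/conf/modsec2.user.conf"] [line "120"] [id "950004"] '
    '[msg "Cross-site Scripting (XSS) Attack"] [data ".cookie"] '
    '[severity "CRITICAL"] [tag "WEB_ATTACK/XSS"]'
)

# Assumption of this example: extensions treated as static assets.
STATIC_EXT = (".js", ".css", ".png", ".gif", ".jpg", ".svg", ".woff")

def parse_modsec(line):
    """Split a ModSecurity 2.x error-log message into its fields."""
    fields = {}
    m = re.search(r"Access denied with code (\d+) \(phase (\d)\)", line)
    if m:
        fields["status"], fields["phase"] = int(m.group(1)), int(m.group(2))
    # The inspected variable follows the quoted pattern: `" at NAME.`
    m = re.search(r'" at ([A-Z_]+(?::[^\s.]+)?)\.', line)
    if m:
        fields["target"] = m.group(1)
    # Metadata is a run of [key "value"] pairs; a key such as tag may repeat.
    for key, value in re.findall(r'\[(\w+) "((?:[^"\\]|\\.)*)"\]', line):
        fields.setdefault(key, []).append(value)
    return fields

def triage(line, uri):
    """Report what the rule matched and whether it looks like a false positive."""
    f = parse_modsec(line)
    path = uri.split("?", 1)[0]  # REQUEST_FILENAME excludes the query string
    data = f.get("data", [""])[0]
    in_path = f.get("target") == "REQUEST_FILENAME" and bool(data) and data in path
    return {
        "rule_id": f.get("id", [None])[0],
        "target": f.get("target"),
        "matched": data,
        "matched_in_path": in_path,  # rule fired on the file name itself
        "likely_false_positive": in_path and path.lower().endswith(STATIC_EXT),
    }

if __name__ == "__main__":
    print(triage(LOG_LINE, REQUEST_URI))
```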
