WordPress.org

Ready to get started?Download WordPress

Forums

xLanguage
Uses preg_replace /e (1 post)

  1. Bhawks_2
    Member
    Posted 3 years ago #

    Hi all,

    this plugin uses the call preg_replace () /e. The /e option is dangerous and therefore not allowed on a lot of servers.

    To quote suhosin:

    "The /e modifier inside preg_replace() allows code execution. Often it is the cause for remote code execution exploits. It is wise to deactivate this feature and test where in the application it is used. The developer using the /e modifier should be made aware that he should use preg_replace_callback() instead. "

    Hopefully the developer reads this and can change it, since a lot of users seem to want to use this plugin

    cheers,
    Stefan

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic

Tags