Forums

WordPress › Support » Plugins and Hacks

Register Plus XSS injection (4 posts)

  1. neogabo
    Member
    Posted 2 years ago #

    Register Plus Xss Injection

    In the file register-plus.php the $_POST values are not sanitized

    lines: 1118,1126,1134,1142

    there are a lot more out there

  2. Tranny
    Member
    Posted 2 years ago #

    Thanks for bringing this up. Hope it will be looked at very soon.

  3. Gene53
    Member
    Posted 2 years ago #

    Thanks for the heads up. Unfortunately, it doesn't seem that the plugin author still supports it, he hasn't posted in quite a while.

    Maybe someone else would like to take it over?

  4. Jeff Farthing
    Member
    Posted 2 years ago #

    I will look at incorporating the remaining features of Register Plus (that aren't already there) into my plugin Theme My Login.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags