• [Resolved] chuckjaynes (@chuckjaynes)


    It seems that there isn't any sanitizing of the input fields. For example, entering a first name of `<script>alert('hello')</script>` is accepted. Then when I view the sign up sheets, I get a nice "hello" popup.

    In short, JavaScript and SQL injection attacks are possible.

    Adding a strip_tags and/or htmlspecialchars in function clean_array might be a simple fix to this problem.

    http://wordpress.org/extend/plugins/sign-up-sheets/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Good catch. I'm not the developer but am checking this out for use and do some WP plugin development. If you get to writing your own plugins or are the developer of this plugin reading this, WordPress has built this and other stuff in with a sanitize_text_field function.

    RE: http://codex.wordpress.org/Function_Reference/sanitize_text_field talks about it and lists related functions for specific fields like email, etc.

    HTH,
    Andrew
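The two layers discussed in this thread, cleaning submitted fields in a clean_array-style function (strip_tags, or sanitize_text_field inside WordPress) and escaping on output (htmlspecialchars, or esc_html inside WordPress), as an added PHP example that is not the Sign-up Sheets plugin's own code. The clean_array and render_cell below are hypothetical stand-ins, and the sample submission is constructed from the payload reported above.

```php
<?php
// Added example, not code from the Sign-up Sheets plugin. Shows input cleaning
// and output escaping as two separate layers; the function names here are
// hypothetical stand-ins, not the plugin's real functions.

// Input side: a stand-in for a clean_array() helper. Inside WordPress you would
// call sanitize_text_field() on each value instead of the strip_tags/trim pair.
function clean_array(array $fields): array {
    $clean = [];
    foreach ($fields as $name => $value) {
        if (is_array($value)) {
            $clean[$name] = clean_array($value);   // recurse into nested fields
            continue;
        }
        $value = strip_tags((string) $value);                   // drop <script> and all other tags
        $value = preg_replace('/[\x00-\x1F\x7F]/', '', $value);  // drop control characters
        $clean[$name] = trim($value);
    }
    return $clean;
}

// Output side: escape every value when the sign-up sheet is rendered. This layer
// is what keeps a stored value inert even if it was never cleaned on the way in.
// In WordPress, esc_html() is the equivalent of this call.
function render_cell(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample submission using the payload reported in the thread.
$submitted = [
    'first_name' => "<script>alert('hello')</script>",
    'last_name'  => 'Doe',
];

$stored = clean_array($submitted);   // what would be written to the database

// Cleaned value rendered through the escaping layer.
echo '<td>' . render_cell($stored['first_name']) . "</td>\n";

// Raw, uncleaned value rendered through the same layer: the tags are escaped,
// so the browser shows them as text instead of executing them.
echo '<td>' . render_cell($submitted['first_name']) . "</td>\n";
```

Cleaning on input limits what is stored, but escaping at the point of output is the step that prevents the stored script from running, so both are worth applying.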

    Thank you for alerting us of this issue. We will have it corrected with the next version and should be releasing it shortly.

    With the latest version 1.0.6 of the Sign-up Sheets plugin, the sign up form fields are now protected against cross site scripting. Please note that SQL Injection was not an issue as all database inserts and updates are properly sanitized.

  • The topic ‘Security (JS/SQL Injection)’ is closed to new replies.