WordPress.org

Ready to get started?Download WordPress

Forums

Montezuma
WordPress Montezuma Theme Cross-Site Scripting Vulnerability (10 posts)

  1. wikiknowledgee
    Member
    Posted 12 months ago #

    WordPress Montezuma theme is prone to a cross-site scripting vulnerability

    [Remaining details moderated. Please do not post details of potential security issues in a public forum. See http://codex.wordpress.org/FAQ_Security#Where_do_I_report_security_issues.3F

  2. esmi
    Theme Diva & Forum Moderator
    Posted 12 months ago #

    Please email details of the issues to security [at] wordpress.org as per the above linked FAQ.

  3. bytesforall
    Member
    Theme Author

    Posted 12 months ago #

    New user account, first post, 3 lines of generic text that can be found thousand times all over the web, without any substance.

    Looks like a copy & paste trolling attempt to me.

  4. esmi
    Theme Diva & Forum Moderator
    Posted 12 months ago #

    Dos Montezuma use ZeroClipboard.swf?

  5. bytesforall
    Member
    Theme Author

    Posted 12 months ago #

    Yes, in the backend

  6. esmi
    Theme Diva & Forum Moderator
    Posted 12 months ago #

  7. bytesforall
    Member
    Theme Author

    Posted 12 months ago #

    I had not thought about that third party library. New version uploaded to .org

    @wikiknowledgee: Sorry for my tone. I was fairly sure my own code was o.k. but had not thought about 3rd party libs.

  8. wikiknowledgee
    Member
    Posted 12 months ago #

    i was getting alerts from website defender

  9. wikiknowledgee
    Member
    Posted 12 months ago #

    it's ok, can u fix this security issue?

  10. eitanc
    Member
    Posted 12 months ago #

    Should be fixed in version 1.1.9, downloadable from http://wordpress.bytesforall.com/2013/04/montezuma-1-1-9-and-atahualpa-3-7-12/

Reply

You must log in to post.

About this Theme

About this Topic