Forums

WordPress › Support » Plugins and Hacks

[resolved] [Plugin: Search Unleashed] XSS vulnerability found (2 posts)

  1. stunnaboi
    Member
    Posted 11 months ago #

    I found an XSS vulnerability when the Search Unleashed v1.0.6 plugin was activated. I test this by pointing my browser at the following URL:

    http://www.my-wordpress-site.com/?s=%3C/script%3E%3Cscript%3Ealert('XSS');%3C/script%3E

    Try it yourself. If the alert is executed then your site is vulnerable to XSS attack. Be advised!!

  2. AITpro
    Member
    Posted 10 months ago #

    I randomly came across this post while searching on XSS attacks. If you have the BulletProof Security plugin installed this XSS attack is nullified / blocked / Forbidden. Nice catch stunnaboi!

Reply

You must log in to post.

About this Topic

Tags