Prevent XSS Vulnerability

Description

Checks the URL and redirects it if any XSS vulnerability is found. This plugin encodes the following signs and then removes some XSS signs from the URL, as shown below:

Encode Parameters

  • Exclamation Mark !
  • Double Quotation "
  • Single Quotation '
  • Opening Round Bracket (
  • Closing Round Bracket )
  • Asterisk Sign *
  • Less than Sign <
  • Greater than Sign >
  • Hyphen `
  • Cap Sign ^
  • Opening Square Bracket [
  • Closing Square Bracket ]
  • Opening Curly Bracket {
  • Mod Sign |
  • Closing Curly Bracket }

Remove Parameters

  • Opening Round Bracket (
  • Closing Round Bracket )
  • Less than Sign <
  • Greater than Sign >
  • Opening Square Bracket [
  • Closing Square Bracket ]
  • Opening Curly Bracket {
  • Mod Sign |
  • Closing Curly Bracket }

This plugin also escapes HTML in the $_GET variable. $_GET is mostly used to put values from the URL into HTML. This check is quite useful if your site takes anything from the URL and prints it in HTML. It secures your search and other sections, depending on how your site works.
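The behaviour described above, sketched in plain PHP as an added example; this is not the plugin's source code. The function names, the handling of percent-encoded forms, the redirect status code and the sample request are assumptions made for illustration.

```php
<?php
// Added illustration, not the plugin's source. Names and sample data are hypothetical.

const ENCODE_CHARS = ['!', '"', "'", '(', ')', '*', '<', '>', '`', '^', '[', ']', '{', '|', '}'];
const REMOVE_CHARS = ['(', ')', '<', '>', '[', ']', '{', '|', '}'];

function clean_request_uri(string $uri): string
{
    // Step 1: percent-encode every raw character on the encode list.
    foreach (ENCODE_CHARS as $c) {
        $uri = str_replace($c, rawurlencode($c), $uri);
    }
    // Step 2: drop the characters on the remove list. After step 1 they only
    // exist in percent-encoded form; match %3C and %3c alike.
    foreach (REMOVE_CHARS as $c) {
        $uri = str_ireplace(rawurlencode($c), '', $uri);
    }
    return $uri;
}

function escape_get(array $params): array
{
    // $_GET can hold nested arrays (?a[]=1), so walk every leaf value.
    array_walk_recursive($params, function (&$value) {
        if (is_string($value)) {
            $value = htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        }
    });
    return $params;
}

if (PHP_SAPI !== 'cli' && isset($_SERVER['REQUEST_URI'])) {
    // Web request: redirect when cleaning changed the URL, then escape $_GET.
    $clean = clean_request_uri($_SERVER['REQUEST_URI']);
    if ($clean !== $_SERVER['REQUEST_URI']) {
        header('Location: ' . $clean, true, 302); // status code is an assumption
        exit;
    }
    $_GET = escape_get($_GET);
} else {
    // Command line: run on a constructed sample request.
    $sample = '/?s="><em>test</em>&cat=[1]';
    echo clean_request_uri($sample), PHP_EOL;
    parse_str('s="><em>test</em>&cat[]=1', $query);
    echo json_encode(escape_get($query)), PHP_EOL;
}
```

Escaping values on input like this only fits HTML body and quoted-attribute contexts; values placed into JavaScript, URLs or SQL still need handling for that context. Code that also escapes on output will display double-escaped text, which is one reason to test forms and checkout after enabling such a filter.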

NOTE: MAKE SURE TO CHECK YOUR FORMS AFTER ACTIVATING THE PLUGIN, AND IF YOU HAVE A WOOCOMMERCE SITE THEN PLEASE ALSO CHECK THE CART AND CHECKOUT PROCESS.

Thanks for the Support

The support from the users that love Prevent XSS Vulnerability is huge. You can support the future development of Prevent XSS Vulnerability and help to make it even better by leaving a 5 star rating with a nice message to me 🙂

Bug reports

Bug reports for Prevent XSS Vulnerability are welcomed on GitHub. Please note GitHub is not a support forum, and issues that aren’t properly qualified as bugs will be closed.

Installation

This section describes the steps to follow, whether you are installing through WordPress or manually over FTP.

From within WordPress

  1. Visit ‘Plugins > Add New’
  2. Search for Prevent XSS Vulnerability
  3. Activate Prevent XSS Vulnerability from your Plugins page.
  4. Go to “after activation” below.

Manually

  1. Upload the prevent-xss-vulnerability folder to the /wp-content/plugins/ directory
  2. Activate Prevent XSS Vulnerability through the ‘Plugins’ menu in WordPress
  3. Go to “after activation” below.

After activation

  1. Go to the plugin settings page and set up the plugin for your site.
  2. You’re done!

FAQ

Q. Why should I install this plugin?

A. Installing this plugin is the easiest way to protect your site from XSS vulnerabilities.

Q. Does this plugin escape HTML when printing search terms?

A. Yes, this plugin escapes HTML in the $_GET variable, which is mostly used to print data from the URL into HTML. If your site is using $_GET, then it is safe and the HTML will be escaped; otherwise you need to check.

Q. Does this plugin have any conflict with any other plugin?

A. No, this plugin doesn’t have any conflict with any plugin.

Reviews

Great Little Plugin 🙂

After running a full site scan using Acunetix and receiving hundreds of XSS alerts, this great little plugin secured the site.

Bear in mind we have the free versions of Wordfence and iThemes Security installed, we incorrectly assumed that was enough…

I’m not sure why this plugin isn’t used, or reviewed more.

Thank you!

Contributors & Developers

“Prevent XSS Vulnerability” is open source software. The following people have contributed to this plugin.

“Prevent XSS Vulnerability” has been translated into 1 locale. Thank you to the translators for their contributions.

Changelog

0.2 – Dec 02, 18

  • Enhancements
    • Added Escaped HTML Feature in $_GET variable
    • Optimized Function to have better performance

0.1 – Aug 24, 17

  • First release on wordpress.org.