• asdfwp

    (@asdfwp)


    Hello guys,

    Firstly, great job with the whole WordPress business and keeping an active and thriving community – you have my genuine appreciation and gratitude.

    I just want to ask the theme/plugin reviewers if they could do some basic pentesting on third-party services before adding them on WordPress.org. I happened to find a reflected XSS vulnerability in a theme I found in the themes folder on WordPress.org, and I got a bit worried. I'd rather not name the theme, and I did file a report on their website, which they kindly addressed in a timely manner.

    My point is that I’d sleep a lot better if I knew the services were filtered through some basic penetration testing before being published on the main website.

    Other than this, many thanks for keeping this CMS active and up to date!

    Cheers

The topic ‘Reflected XSS vulnerability in a WordPress theme’ is closed to new replies.