Support » Requests and Feedback » Comments are not proper filtered

  • Hello!

    I’ve spotted this a while ago(maybe from version 2.3) but never reported because I hoped it will be fixed on the next release…

    NOTE: This will not be an issue if javascript is not enabled.

    But not everyone has enough time to check every “Thank you! Great post!” comments especially when they have a huge visitor/commentator number so they will select the option “Comment author must have a previously approved comment”.

    To check this issue out:
    Log in into your wp blog and submit this comment:
    <script type="text/javascript">alert('bump');</script>

    after the comment is submitted and the page reloads you’ll see the alert window.

    then go to your admin panel to edit/delete this comment; you’ll see that when displaying the comments page that alert window is displayed once again.

    Imagine 200 of this alerts now….

    I really hope someone will fix this asap(by filtering any javascript input in comments).

  • The topic ‘Comments are not proper filtered’ is closed to new replies.