how is the security? | WordPress.org

Resolved jackyon
(@jackyon)

10 years, 10 months ago

Hi,

glad to see cform|| still alive, I am big fans of this plugin!

as I saw from Oliver writing on his website:

I’ve just recently been made aware of potentially new security concerns around PHP injection attacks, which I took as a reason to make a long over due call. As of today, I give up cforms and lay it to rest. This includes the forum and home page.

How is the security of the newest version? did this one already fixed the security issues?

plz advise. THX!

https://wordpress.org/plugins/cforms2/

Viewing 2 replies - 1 through 2 (of 2 total)

Plugin Author bgermann
(@bgermann)

10 years, 10 months ago

I was made aware of a remote code execution bug which originated from the original code about the same time and fixed it (see changelog). I guess it was the same bug.

I am not aware of any other very critical security bugs, but probably there are possible XSS attack vectors.

Thread Starter jackyon
(@jackyon)

10 years, 10 months ago

hi bgermann,

awesome, that’s the main issue I concern.

thx for continue developing this plugin!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘how is the security?’ is closed to new replies.

2 replies
2 participants
Last reply from: jackyon
Last activity: 10 years, 10 months ago
Status: resolved