Support » Plugins » jquery-vertical-accordion-menu

  • I used this plug-in:

    Which worked well when I was developing locally, but on my particular production server it caused a cross-site scripting attack. Is this something about my server settings, or is this plug-in totally broken? I am using the most recent version of WP, and the plug-in has not been updated, but this seems like a pretty dramatic issue. The plug-in did this whether I had the “Save Menu State (uses cookies)” option activated or not.

    Any other good, functional options for dropdown menu plug-ins?

    Server error info below:

    Sat Oct 26 23:46:06 2013] [error] [client 24.103.XX.XXX] ModSecurity: Access denied with code 406 (phase 2). Pattern match “(?:\\b(?:(?:type\\b\\W*?\\b(?:text\\b\\W*?\\b(?:j(?:ava)?|ecma|vb)|application\\b\\W*?\\bx-(?:java|vb))script|c(?:opyparentfolder|reatetextrange)|get(?:special|parent)folder|iframe\\b.{0,100}?\\bsrc)\\b|on(?:(?:mo(?:use(?:o(?:ver|ut)|down|move|up)|ve)|key(?:press|d …” at REQUEST_FILENAME. [file “/usr/local/apache/conf/modsec2.user.conf”] [line “117”] [id “950004”] [msg “Cross-site Scripting (XSS) Attack”] [data “.cookie”] [severity “CRITICAL”] [tag “WEB_ATTACK/XSS”] [hostname “”] [uri “/live_test/wp-content/plugins/jquery-vertical-accordion-menu/js/jquery.cookie.js”] [unique_id “xxxxxx”]

  • The topic ‘jquery-vertical-accordion-menu’ is closed to new replies.