WordPress.org

Support

Support » Plugins and Hacks » [Plugin: Auto SEO Tags] Possibly an insecure plugin

[Plugin: Auto SEO Tags] Possibly an insecure plugin

  • bobcouttie

    @bobcouttie

    I used auto-seo-tags but found that tags to alleged porn sites were being added, many to things like ‘naked-girls-on-skype’. Although it may be unconnected, my wp_options table was bloated and crashed irreparably.

    Fortunately the tags could be removed – which also seemed to have removed the wp_options bloat.

    http://wordpress.org/extend/plugins/auto-seo-tags/

Viewing 1 replies (of 1 total)
  • Plugin Author zadan

    @zadan

    Hi Bobcouttie,
    I’m the author of the plugin. I apologize for any problems the plugin may have caused.
    Did the tags being added contain any html/injection code or were they just rude words?
    I’ve tried to sanitize the input data with the line
    $target = str_replace(“‘”,”””,str_replace(“;”,””,sanitize_title_with_dashes($query)));
    and I tested trying to send it bad input before releasing the plugin, but I may well have missed something. I’ll check the plugin and update it within the next 24 hours. I considered stopping tags with rude words being added but thought people might want this, perhaps I’ll add it and let people remove it.

    Ideally I’ll add pre-moderation at some point.

    Thanks,
    chris

Viewing 1 replies (of 1 total)
  • The topic ‘[Plugin: Auto SEO Tags] Possibly an insecure plugin’ is closed to new replies.