You have to sanitize your data, especially the data from the user’s side.
Example: go here:
and in any field type ‘ “>XSS ‘ (without the single quotes)
This results in an XSS attack.
OK, you have to be an admin to exploit it, so not a big deal, but use esc_attr() please 😉
See you!
- The topic ‘[Plugin: Infinite-Scroll] Security issue’ is closed to new replies.
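The fix requested in the post, shown as an added example (not the plugin's own code): a settings field rendered without and with esc_attr(), using the string from the post as the stored value. The field name, the helper functions and the esc_attr() stand-in used outside WordPress are assumptions made for illustration.

```php
<?php
// Stand-in so the example runs outside WordPress; inside WordPress the real
// esc_attr() is used. Assumption: htmlspecialchars() approximates it here.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    }
}

// Hypothetical field name and constructed stored value (the string from the post).
$field_name = 'example_option';
$stored     = '">XSS';

// Before: the saved value is placed into the value="" attribute as-is.
function render_field_unescaped($name, $value) {
    return '<input type="text" name="' . $name . '" value="' . $value . '" />';
}

// After: every dynamic piece is escaped for an attribute context on output.
function render_field_escaped($name, $value) {
    return '<input type="text" name="' . esc_attr($name)
         . '" value="' . esc_attr($value) . '" />';
}

// Check: parse the markup and confirm the value attribute round-trips to the
// stored string, i.e. the data did not close the attribute and leak into the page.
function value_stays_in_attribute($html, $expected) {
    $doc = new DOMDocument();
    @$doc->loadHTML('<html><body>' . $html . '</body></html>');
    $inputs = $doc->getElementsByTagName('input');
    if ($inputs->length !== 1) {
        return false;
    }
    $leaked = trim($doc->getElementsByTagName('body')->item(0)->textContent);
    return $inputs->item(0)->getAttribute('value') === $expected && $leaked === '';
}

$before = render_field_unescaped($field_name, $stored);
$after  = render_field_escaped($field_name, $stored);

echo $before, PHP_EOL;
var_dump(value_stays_in_attribute($before, $stored));
echo $after, PHP_EOL;
var_dump(value_stays_in_attribute($after, $stored));
```

The same round-trip check can be used as a regression test for each field on a settings page after the escaping is added.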