WordPress.org

Support

Support » Plugins and Hacks » xLanguage » [Plugin: xLanguage] Uses preg_replace /e

[Plugin: xLanguage] Uses preg_replace /e

  • Hi all,

    this plugin uses the call preg_replace () /e. The /e option is dangerous and therefore not allowed on a lot of servers.

    To quote suhosin:

    “The /e modifier inside preg_replace() allows code execution. Often it is the cause for remote code execution exploits. It is wise to deactivate this feature and test where in the application it is used. The developer using the /e modifier should be made aware that he should use preg_replace_callback() instead. “

    Hopefully the developer reads this and can change it, since a lot of users seem to want to use this plugin

    cheers,
    Stefan

  • The topic ‘[Plugin: xLanguage] Uses preg_replace /e’ is closed to new replies.
Skip to toolbar