WordPress.org

Support

Support » Plugins and Hacks » Server path showing in HTML

Server path showing in HTML

  • The function called on the form send button – postToMailChimp() – has the server path as the second argument – see code below.

    Whilst not awful – is this needed? (Full Path Disclosure (FPD))

    <input type="button"
    class="nm_mc_button"
    value="Send"
    id="nm_mc_button-1353512887"
    onclick="postToMailChimp(
       'DOMAIN/wp-content/plugins/nmedia-mailchimp-widget/api_mailchimp/postToMailChimp.php',
       'SERVER PATH',
       '1353512887',
       '')"
     / >

    Also (minor) you have a space between last slash and chevron.

    Thanks

    http://wordpress.org/extend/plugins/nmedia-mailchimp-widget/

Viewing 1 replies (of 1 total)
  • Plugin Author nmedia

    @nmedia

    Hi,

    thanks for information, I will fix it and let you now as soon as possible.

    regards,
    Najeeb

Viewing 1 replies (of 1 total)
  • The topic ‘Server path showing in HTML’ is closed to new replies.