grcwebteam
Forum Replies Created
-
Developers? Any chance of this being updated to work with 5.5.1 and above?
Forum: Plugins
In reply to: [Media Library Assistant] Cross Site Scripting (Reflected)Excellent, thanks for the update!
Forum: Plugins
In reply to: [Media Library Assistant] Cross Site Scripting (Reflected)Hi David,
We re-scanned our site with this development release and it was not flagged for XSS issues. Thank you very much for fixing this! Do you plan to formally release these plugin changes in the future?
Forum: Plugins
In reply to: [Media Library Assistant] Cross Site Scripting (Reflected)Thanks David, we will be installing and testing it next week. I will report back with the results.
Forum: Plugins
In reply to: [Media Library Assistant] Cross Site Scripting (Reflected)We are also receiving warnings about client-side HTTP parameter pollution:
Request:
GET .../?mla_paginate_current=2&adm%26twb%3d1=1 HTTP/1.1Response:
<a class="page-numbers" href=".../?hrr&kqj=1%3D1&mla_paginate_current=2">The resolution suggestion here is that URL input be encoded before being embedded in a URL.
Forum: Plugins
In reply to: [User Role Editor] Class ‘URE_Admin_Menu_Hashes’ not foundHi Vladimir,
We removed that record from the database and the warning is gone.
Thanks!
Forum: Plugins
In reply to: [User Role Editor] Class ‘URE_Admin_Menu_Hashes’ not foundHi Vladimir,
Thanks for the suggestion. We currently have a production freeze on our databases, so we’ll be making this change sometime in January. I will report back whether running this query has solved our issue.
Thanks!