XSS Vulnerability
Issue #1
XSS issue found in Parallax Scroll plugin v2.0. It seems _posttitle (aka Title field) in /includes/adamrob-parralax-shortcode.php is not sanitized, but please check it again. I tested it on XAMPP with the latest version of WordPress, i.e. v.5.0.3. Steps to reproduce:
Comments (2)
reporter -
reporter - changed status to resolved
Resolved on version 2.1 release
Problem tracked and fixed when rendering the post. Alter the post save so it strips any tags before saving to WP
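
The two-layer fix described in the comment above (escape the title when rendering, strip tags when saving), as an added example that is not code from this issue or from the plugin. The function names, the `parallax-title` class and the sample titles are hypothetical, and plain PHP functions stand in for the WordPress helpers named in the comments so the script runs without WordPress.

```php
<?php
// Added illustration; not the plugin's code. All names are hypothetical.

// Save path: strip markup from the title before it is stored.
// Inside WordPress the usual call here is sanitize_text_field().
function parallax_clean_title_for_save(string $raw): string
{
    return trim(strip_tags($raw));
}

// Render path, unsafe form: the stored title is concatenated into HTML as-is,
// so any markup in the Title field becomes part of the page.
function parallax_render_title_unsafe(string $title): string
{
    return '<h2 class="parallax-title">' . $title . '</h2>';
}

// Render path, hardened form: the title is HTML-escaped at output time.
// Inside WordPress the usual call here is esc_html().
function parallax_render_title_safe(string $title): string
{
    return '<h2 class="parallax-title">'
        . htmlspecialchars($title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . '</h2>';
}

// Constructed sample titles (not taken from the report).
$samples = [
    'Summer <b>Sale</b>',
    'Tom & Jerry "Live"',
    '<img src=x onerror=alert(1)>Gallery',
];

foreach ($samples as $raw) {
    $stored = parallax_clean_title_for_save($raw);
    echo "raw:      $raw\n";
    echo "unsafe:   " . parallax_render_title_unsafe($raw) . "\n";
    echo "stored:   $stored\n";
    echo "hardened: " . parallax_render_title_safe($stored) . "\n";
    // Titles saved before the fix were never stripped; escaping at render
    // time is what neutralises those existing rows.
    echo "legacy:   " . parallax_render_title_safe($raw) . "\n\n";
}
```

Stripping on save only protects titles written after the upgrade, which is why the render-time escape is the layer that covers posts already in the database.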