-
GyziieDK replied to the topic BuddyPress Global Search Vulnerability issue in the forum How-to & Troubleshooting 3 weeks, 2 days ago
Hello @varunkamani
I already gave you a few options to choose from, so in the end it’s up to you.
1. Ignore error and keep plugin
Keep the plugin and accept the fact that it comes with some issues and risks.
The risk itself is pretty low when it comes to the XSS since this is pretty common.
Like mentioned before, old and unsupported plugins do…[Read more] -
GyziieDK replied to the topic BuddyPress Global Search Vulnerability issue in the forum How-to & Troubleshooting 4 weeks ago
-
GyziieDK replied to the topic BuddyPress Global Search Vulnerability issue in the forum How-to & Troubleshooting 4 weeks ago
@varunkamani it’s not that simple.
The vulnerability issue in this case is Cross Site Scripting (XSS).
This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.
It is a known risk in general to use outdated and…[Read more]
@varunkamani
Active 3 weeks, 2 days ago
