BuddyPress.org | varunkamani | Mentions https://buddypress.org/members/varunkamani/activity/mentions/ Activity feed mentioning varunkamani. Sat, 11 Apr 2026 20:57:37 +0000 https://buddypress.org/?v= en-US 30 hourly 2 f2d23d98f9543b84e97b1b5a4f602639 GyziieDK replied to the topic BuddyPress Global Search Vulnerability issue in the forum How-to & Troubleshooting https://buddypress.org/support/topic/buddypress-global-search-vulnerability-issue/#post-335435 Tue, 29 Oct 2024 07:53:30 +0000 Hello @varunkamani

I already gave you a few options to choose from, so in the end it’s up to you.

1. Ignore error and keep plugin
Keep the plugin and accept the fact that it comes with some issues and risks.
The risk itself is pretty low when it comes to the XSS since this is pretty common.
Like mentioned before, old and unsupported plugins do…[Read more]

]]> fa6a67391268dded42cc074e3db7fa96 GyziieDK replied to the topic BuddyPress Global Search Vulnerability issue in the forum How-to & Troubleshooting https://buddypress.org/support/topic/buddypress-global-search-vulnerability-issue/#post-335391 Thu, 24 Oct 2024 07:45:44 +0000 @varunkamani

This might also be worth looking into (might be worth it).

Prevent XSS Vulnerability

]]> 692aaf4a271bdbb39a8c182c80f26add GyziieDK replied to the topic BuddyPress Global Search Vulnerability issue in the forum How-to & Troubleshooting https://buddypress.org/support/topic/buddypress-global-search-vulnerability-issue/#post-335390 Thu, 24 Oct 2024 07:32:45 +0000 @varunkamani it’s not that simple.

The vulnerability issue in this case is Cross Site Scripting (XSS).

This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site.

It is a known risk in general to use outdated and…[Read more]

]]>