It is currently Fri Mar 22, 2019 8:55 pm




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Authenticated Stored Cross-Site Scripting (XSS)
Unread postPosted: Tue Dec 04, 2018 9:28 pm 
Offline

Joined: Tue Dec 04, 2018 9:02 pm
Posts: 1
In doing a Sucuri scan a potential vulnerability was found with this plugin:

Calendar <= 1.3.10 - Authenticated Stored Cross-Site Scripting (XSS)

How can this be fixed?


Top
 Profile  
 
 Post subject: Re: Authenticated Stored Cross-Site Scripting (XSS)
Unread postPosted: Sat Feb 16, 2019 6:22 pm 
Offline
User avatar

Joined: Sat May 26, 2007 1:55 pm
Posts: 2048
Location: London
This specific issue with the plugin was resolved and in addition a review was conducted by the WordPress plugin team. The recommendations of the team were also implemented and the plugin has been restored to the repository with a clean bill of health.

To get these fixes and remove the error message you're seeing, just use the WordPress dashboard to upgrade to the latest version of calendar which contains these fixes.

_________________
Kieran O'Shea


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 


Who is online

Users browsing this forum: No registered users and 9 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron