• Resolved e4girl

    (@e4girl)


    Hello! We recently had an audit done to look for potential security issues with plugins we use for our university website. The audit revealed several unsanitized post variables. Is this something you are aware of? If so, is it on the roadmap to be fixed? If not, are you amenable to making the changes? Thank you!

Viewing 2 replies - 1 through 2 (of 2 total)
  • There’s quite a lot more I’d like to improve aside from that, but time is limited.
    I wouldn’t worry about the issue you mention too much as – if I remember correctly – the user authorisations are checked, so it would have to be a malicious admin to do any harm and even then, the harm which could be done is *very* limited as the plugin code is effectively only loaded on the plugins page in the back-end.

    Patches are very welcome though, please send in a PR on GitHub: https://github.com/mjangda/plugin-notes

    Thread Starter e4girl

    (@e4girl)

    Thank you for the quick response. I’ll check with my team on a patch and get it to you.

  • The topic ‘Potential Security Issues’ is closed to new replies.