• In line 24 of file simple-personal-message/admin/partials/simple-personal-message-admin-view.php, escape with (int)$_GET['message'] or intval($_GET['message']). esc_attr does not save you from SQLi when the parameter is numeric. If you have questions, send me mail. [email protected]
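
The point made in the post above, as an added example that is not part of the original post and is not the plugin's code: HTML-attribute escaping leaves a quote-free value untouched, so it offers no protection once that value is concatenated into an unquoted numeric SQL context. The `messages` table, the function names and the sample value are constructed for illustration, and `esc_attr_standin()` only approximates WordPress `esc_attr()` so the script runs offline against in-memory SQLite.

```php
<?php
// Stand-in for WordPress esc_attr(): HTML-attribute escaping only (assumption for offline use).
function esc_attr_standin(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Hypothetical table with three rows, held in memory.
function make_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE messages (id INTEGER PRIMARY KEY, owner TEXT, body TEXT)');
    $db->exec("INSERT INTO messages VALUES (1,'alice','hi'),(2,'bob','private'),(3,'carol','secret')");
    return $db;
}

// Pattern the post warns about: HTML escaping, then concatenation into a numeric context.
function fetch_escaped_only(PDO $db, string $raw): array {
    $sql = 'SELECT id FROM messages WHERE id = ' . esc_attr_standin($raw);
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Fix the post proposes: cast to integer. The bound parameter is added here as defence in depth.
function fetch_int_cast(PDO $db, string $raw): array {
    $stmt = $db->prepare('SELECT id FROM messages WHERE id = :id');
    $stmt->bindValue(':id', intval($raw), PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$db = make_db();
$constructed = '1 OR 1=1'; // constructed sample value: no quotes or HTML metacharacters

// Compare the escaped value with the raw one, then count the rows each query returns.
var_dump(esc_attr_standin($constructed) === $constructed);
echo 'escaped only: ', count(fetch_escaped_only($db, $constructed)), " row(s)\n";
echo 'integer cast: ', count(fetch_int_cast($db, $constructed)), " row(s)\n";
```

Inside WordPress, `$wpdb->prepare()` with a `%d` placeholder plays the role of the bound parameter used here.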

Viewing 1 replies (of 1 total)
  • Plugin Author Md. Shamim Shahnewaz

    (@mdshamimshahnewaz)

    Good Day!

    Thanks for your nice feedback and investigation. For some reason I didn’t update my plugin. Today I just released version 2.0.0-alpha; please update for better performance. In the upcoming version I will consider your nice feedback.

    Regards
    Author

  • The topic ‘Problem security SQLi’ is closed to new replies.