E-TARD The LifeCaster
Forum Replies Created
-
oh good after the last update i now cant go back to 2.7.0 everything is Fed up now thank you soo much this is really what i wanted to be dealing today.
I really could use some help with this
can anyone help me????I just need to know what triggers a GT-Cache??????????
Forum: Plugins
In reply to: [Global Translator] [Plugin: Global Translator] Plugin Crashed My Serverthis plugin does not have a DB caching sys
that feature is only in the pay GT pro pluginthe free one does desk caching
now if thats what your talking about i cant see how its GTs fault when some other plugin made GT act like that.you may want to list any other plugins you had running when this happened
Forum: Plugins
In reply to: [Global Translator] Xss attack found in Global Translator 1.3.2just an update on whats going on
we now know that this one https://somesite.com/?s='”><script>alert(1)</script>
has nothing to do with GTbut the others do!!!
/?tag='”><script>alert(1)</script>
/?cat='”><script>alert(1)</script>
/?m='”><script>alert(1)</script>
/?page_id='”><script>alert(1)</script>
/?author='”><script>alert(1)</script>
any one of the XSS’s here will work on the sites listed
reposting this with the tags that apply to the GT matter at hand.
https://www.geghna.org/?author='”><script>alert(1)</script>
https://biu-france.com/?author='”><script>alert(1)</script>
https://www.tsakostanoev.com/?author='”><script>alert(1)</script>Forum: Plugins
In reply to: [Global Translator] Xss attack found in Global Translator 1.3.2oh he knows all about it now
I have been in talks with him over e-mail
the hard part is I’m in the US & he is in ITForum: Plugins
In reply to: [Global Translator] Xss attack found in Global Translator 1.3.2I kind of get the feeling that you ppl think I’m Imagining this
so I did a inurl:gtlang looking for someone running GT
I found some others wordpress sites that have global-translator
https://www.mohamedadamjr.com/?gtlang=ru
& the same XSS works on this site
https://www.mohamedadamjr.com/?s='”><script>alert(1)</script>
and all of them
https://ursula.blogdns.net/?s='”><script>alert(1)</script>
https://www.geghna.org/?s='”><script>alert(1)</script>
https://biu-france.com/?s='”><script>alert(1)</script>
& thats just the top of the list
so we really need to find some way to fix this so we can help all of the many wordpress bloggers out there on the net running GTForum: Plugins
In reply to: [Global Translator] Xss attack found in Global Translator 1.3.2did that & did not change anything….
its ok guys we will just have to w8 for the maker to get off his butForum: Plugins
In reply to: [Global Translator] Xss attack found in Global Translator 1.3.2ok I’m not going to post a [moronic expletive deleted] url to my site on here that has to do with an XSS attack but if you give me your e-mail I will give them to you.
I have bad ppl who would love more then nothing to know about all this thats y I’m trying to keep this some what on the DL.I am 100% sure that this hole is in this plugin
I turned off everything
& the hole went bye bye
I would turn on just one of my plugins then test for the XSS
then turn it off & go to the next one
until I got to global-translator then it hit & I was like
Noooooo!!!!!!!!!!!!!!!!!
I love this plugin & wish it would have been any of my other pluginsas for the gt-cache
that only get called up when you use /?gtlang=
like https://somesite.com/?gtlang=ja
so by having the ja aka Japanese at the end of /?gtlang= the global-translator will look into the gt-cache to see if there is a translation for that page in Japanese
with out the ?gtlang= your not pulling from the gt-cache.& yes there are 2 ways to clear the gt-cache
the easy way is to ftp to your server & delete them or edit global-translator & remove a commented line for a button to show up in the wp-admin controls for GT to clear the gt-cache.
y the maker has it commented out along with some other things I don’t know.Forum: Plugins
In reply to: [Global Translator] Xss attack found in Global Translator 1.3.2well i sent an e-mail to the maker of this plugin
& gave him to the url to this post.
we will w8 & see
but is anyone knows how to go about fixing this
i’d sure like to know.Forum: Fixing WordPress
In reply to: I found some XSS with ?tag=yeah I did not know if Samuel B
had some way of getting a hold of him faster.
all I do know is the maker of that plugin is not easy to get a hold of
& Global Translator is not the kind of plugin I can go with out.
if I do I will piss off google when all the many translated pages start to not show up if I have the plugin off.p.s.
Thanks for all of your help everyone ??Forum: Fixing WordPress
In reply to: I found some XSS with ?tag=I did it & found out its Global Translator Version 1.3.2
I need to some how get a hold of the maker
or can you do that?Forum: Fixing WordPress
In reply to: I found some XSS with ?tag=yeah but i really dont want to post it on here -_-
i also found somemore
https://somesite.com/?tag='”><script>alert(1)</script>
https://somesite.com/?cat='”><script>alert(1)</script>
https://somesite.com/?m='”><script>alert(1)</script>
https://somesite.com/?s='”><script>alert(1)</script>
https://somesite.com/?page_id='”><script>alert(1)</script>
https://somesite.com/?author='”><script>alert(1)</script>so what your saying is someone hacked me & made it so the XSS works with tag,cat,m,page_id,author
i dont think i was hacked its got to be a bad plugin or theme
I’m running Atahualpa theme 3.5.3Forum: Fixing WordPress
In reply to: I found some XSS with ?tag=so I ask agan
https://somesite.com/?tag='”><script>alert(1)</script>
I would like to know how to go about fixing it.
but I’m not sure if this is a hole in WP or my Theme?
is any one out there running wp 3.0.1 getting this xss?Forum: Fixing WordPress
In reply to: I found some XSS with ?tag=ok but I was not hacked this is the work of some dumb coder not dong this job.
Thank you I will do that