Web Hosting
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

WordPress fix Bypassing sanitize_text_field()

Discussion in 'Misc WordPress Requests' started by neorichi, Oct 11, 2017.

  1. neorichi

    Guest

    Bypassing sanitize_text_field(), by neorichi

    Hi,
    Using this plugin ‘Influencer Marketing & Press Release System’ i found a XSS into ‘impress_s’ value:
    <input type="text" id="impress_search_feed_input" name="impress_s" value="<?php echo (isset($_GET['impress_s']) && !empty($_GET['impress_s'])) ? sanitize_text_field($_GET['impress_s']) : ""; ?>" required="required" />

    Like you can see this value is using the sanitize_text_field() function but when it is using into value field is possible bypassing using, for example, this code ‘impress_s=” onmouseover=alert(1) display=’ because you can use ‘onmouseover’ without problems.

    Bypassing sanitize_text_field()
     
    #1

Share This Page

Web Hosting