WordPress.org
Get WordPress

Plugin Directory

Changeset 2708173


Ignore:
Timestamp:
04/11/2022 05:46:50 PM (4 years ago)
Author:
fastflow
Message:

Fix for potential Cross Site Scripting vulnerability

Location:
fast-flow-dashboard/trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • fast-flow-dashboard/trunk/fastflow.php

    r2689915 r2708173  
    55 * Plugin URI: https://fastflow.io
    66 * Description: User tagging and dashboard plugin for Fast Flow system
    7  * Version: 1.2.10
     7 * Version: 1.2.11
    88 * Author: FastFlow.io
    99 * Author URI: https://fastflow.io

  • fast-flow-dashboard/trunk/includes/fast-tagger-pages.php

    r1981978 r2708173  
    124124                    <tr><td width="10%">
    125125                        <form id="fast-tagger-quick-tags" method="post">
    126                             <input type="hidden" name="page" value="<?php echo $_REQUEST['page'] ?>" />
     126                            <input type="hidden" name="page" value="<?php echo esc_attr($_REQUEST['page']); ?>" />
    127127                            <input type="hidden" name="action" value="do_something" />
    128128                            <?php wp_nonce_field( 'tag_add_or_filter', 'tag_add_or_filter' ); ?>

  • fast-flow-dashboard/trunk/readme.txt

    r2689915 r2708173  
    6565== Changelog ==
    6666
     67= 1.2.11 =
     68
     69Fix for potential Cross Site Scripting vulnerability
     70
    6771= 1.2.10 =
    6872
Note: See TracChangeset for help on using the changeset viewer.