Cross site scripting (XSS) and Cross-site Request Forgery (CSRF) – SQL-problems

We're shifting our Forum based support to a more dedicated support system!

We'll be closing our Forum support from 10th June, 2020 and move to Email Support assistance.

  • If you are a WCFM premium add-ons user, contact us- here
  • Want to know more before buying our add-ons? Send Pre sale queries- here
  • If you are a WCFM free user, please open a support ticket at WordPress.org
  • For WCFM App related queries, reach us- here
From now the forum will be read-only!

Multi Vendor Marketplace Plugin | WCFM Marketplace Forums WCFM – Ultimate Cross site scripting (XSS) and Cross-site Request Forgery (CSRF) – SQL-problems

Tagged: , ,

Viewing 3 reply threads
  • Author
    Posts
    • January 27, 2020 at 6:44 pm #104201
      inspire
      Participant

      Hello guys,
      Is possible to block XSS, CSRF and SQL injection for all text input fields? You can simple use this function – ( text() – jquery / sanitize_text_field() – php ).

      Thank you!
      Alexandru

      Attachments:
      You must be logged in to view attached files.
    • January 31, 2020 at 7:59 pm #104806
      inspire
      Participant

      KInd reminder

    • February 3, 2020 at 6:04 pm #105195
      inspire
      Participant

      kind reminder 🙂

    • February 6, 2020 at 1:32 pm #105723
      WCFM Forum
      Keymaster

      Well, you may add such code using inquiry text box but those will not executed.

      https://wclovers.com/wp-content/uploads/2020/01/Clipboard02.jpg – are you getting alert in this page? Hope NO. Those are added as normal text, not code. Such things already taken care here!

      Between, do you ever test same for WordPress Post comment or WooCommerce product review? If no, please do once!

      Thank You

  • Author
    Posts
Viewing 3 reply threads
  • You must be logged in to reply to this topic.