Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sanitize and escapee all settings #917

Merged
merged 3 commits into from Feb 26, 2024
Merged

Sanitize and escapee all settings #917

merged 3 commits into from Feb 26, 2024

Conversation

EvanHerman
Copy link
Owner

@EvanHerman EvanHerman commented Feb 26, 2024
edited

Resolves #916 (both issues linked there)

  • Sanitize all settings
  • Escape all settings
  • Replace all instances of FILTER_SANITIZE_STRING with htmlspecialchars()

@EvanHerman EvanHerman self-assigned this Feb 26, 2024
@EvanHerman EvanHerman marked this pull request as ready for review February 26, 2024 08:01
@EvanHerman EvanHerman merged commit 932ff28 into master Feb 26, 2024
@EvanHerman EvanHerman deleted the sanitize-and-escape-all-settings branch February 26, 2024 08:27
@njwgh njwgh mentioned this pull request Mar 26, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@EvanHerman EvanHerman

Labels
Enhancements High Priority
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

WordPress Easy Forms for Mailchimp plugin <= 6.8.10 - Sensitive Data Exposure via Log File vulnerability
1 participant
@EvanHerman