Opened 6 years ago

Last modified 6 years ago

#1357 new defect

JS injection vulnerability in gt-tabs

Reported by: outis
Owned by: Diomenas
Priority: high
Severity: major
Plugin: not-listed
Keywords: gt-tabs
Cc:

Description

In GTTabs.php, GT Tabs outputs the value from the "GTTabs" query string parameter directly into a JavaScript element, opening it to JS injection.

Casting the value to an int should close the vulnerability. See attached patch file.
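To make the reported pattern and the proposed fix concrete, here is an added example in plain PHP. It is not the GT Tabs plugin's code and not the attached patch; the function names, the `gtActiveTab` variable and the sample inputs are all constructed for illustration.

```php
<?php
// Added example (not from the GT Tabs plugin): a query-string value that
// ends up inside inline JavaScript, first as the ticket describes it and
// then with the int cast the ticket proposes. Names are hypothetical.

// Unsafe pattern: the raw request string is spliced into a <script> block,
// so whatever the request carries becomes part of the page's JavaScript.
function gt_tabs_script_unsafe(array $get): string
{
    $tab = $get['GTTabs'] ?? '0';
    return "<script>var gtActiveTab = $tab;</script>";
}

// Hardened pattern: the value is forced to a non-negative integer before it
// is output, so the only thing that can ever reach the script is digits.
function gt_tabs_active_index(array $get, int $default = 0): int
{
    if (!isset($get['GTTabs'])) {
        return $default;
    }
    return max(0, (int) $get['GTTabs']);
}

function gt_tabs_script_safe(array $get): string
{
    $tab = gt_tabs_active_index($get);
    // json_encode of an int emits the digits only; it also makes the JS
    // context of the output explicit to the next person reading the code.
    return '<script>var gtActiveTab = ' . json_encode($tab) . ';</script>';
}

// Constructed inputs: a normal request, a request with trailing garbage
// after the number, and a request with no parameter at all.
$inputs = [
    'normal'  => ['GTTabs' => '2'],
    'garbage' => ['GTTabs' => '2abc'],
    'missing' => [],
];

foreach ($inputs as $label => $get) {
    echo $label, ': ', gt_tabs_script_safe($get), PHP_EOL;
}
```

The `(int)` cast alone already prevents any non-numeric content from being echoed, which is the whole of the ticket's fix; the `max(0, ...)` and `json_encode` steps are extra defensive measures added here. Inside WordPress the equivalent helpers are `absint()` for the cast and `wp_json_encode()` for the output.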

Attachments (1)

GTTabs.php.patch (671 bytes) - added by outis 6 years ago.
Patches GTTabs.php: cast "GTTabs" query string param to an int before outputting it.

Change History (2)

@outis 6 years ago

Patches GTTabs.php: cast "GTTabs" query string param to an int before outputting it.

comment:1 @outis 6 years ago

• Owner set to Diomenas