picandocodigo / List-Category-Posts

WordPress plugin which allows you to list posts from a category into a post/page using the [catlist] shortcode.
http://wordpress.org/extend/plugins/list-category-posts/
GNU General Public License v2.0
241 stars 112 forks

Corrects potential cross site scripting vulnerability #502

Closed VernonGrant closed 6 months ago

VernonGrant commented 1 year ago

Hi,

I correct the potential cross site scripting vulnerability, explained at #501, by extracting only the required query parameters during link generation (lcp_page_link). All non-related query parameters will be automatically discarded. And the remaining page number parameters are mapped to their integer values; on failure they are set to 1.

I don't have Vagrant on my system, so I wasn't able to run the tests. I did however set up a local site and included a variety of shortcodes on a single page to ensure that page numbers and bookmarks are functioning as needed. Please run the tests and if there's any issue let me know and I'll update the pull request as needed. 🙏

Resolves #501
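
The approach described in the comment above (keep only the pagination query parameters, coerce each to an integer, fall back to 1), sketched as an added example that is not the plugin's code or the code in this pull request. The function name, the `lcp_page<N>` parameter naming and the sample query string are assumptions made for illustration.

```php
<?php
// Added illustration, not the plugin's implementation.
// Assumption: pagination parameters are named lcp_page<N>, one per shortcode instance.

/**
 * Build a pagination link from the current request's query string.
 * Only pagination parameters survive, and each is forced to an integer >= 1.
 */
function example_page_link(string $base, string $query_string, int $instance, int $target_page): string
{
    parse_str($query_string, $params);

    $clean = [];
    foreach ($params as $key => $value) {
        // Allow-list: anything that is not lcp_page<digits> is discarded.
        if (!preg_match('/^lcp_page\d+$/', (string) $key)) {
            continue;
        }
        // Non-numeric values, arrays and values below 1 all fail validation.
        $page = filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        $clean[$key] = ($page === false) ? 1 : $page;
    }

    // Set the page for the instance this link belongs to.
    $clean['lcp_page' . $instance] = max(1, $target_page);
    ksort($clean);

    $url = $base . '?' . http_build_query($clean, '', '&');

    // Escape for use inside an HTML attribute (stand-in for WordPress escaping helpers).
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}

// Constructed sample request: one valid page number, one non-numeric page
// number, and one unrelated parameter carrying markup characters.
$query = 'lcp_page0=2&lcp_page1=abc&ref=%22%3E%3Cem%3Ex';

echo example_page_link('/blog/', $query, 0, 3), PHP_EOL;
```

The unrelated `ref` parameter never reaches the generated link, and the non-numeric `lcp_page1` value is replaced with 1, so no request-supplied string is echoed into the link at all.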

codeclimate[bot] commented 1 year ago

Code Climate has analyzed commit 05589f26 and detected 1 issue on this pull request.

Here's the issue category breakdown:

Category Count
Complexity 1

View more on Code Climate.

klemens-st commented 1 year ago

Hi, thanks for the PR. I will try to review by the end of this week.

stale[bot] commented 9 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.