Please add data sanitizing

  • tiphiii

    (@tiphiii)


    9 years, 3 months ago

    Hello,

    I have downloaded your plugin to test it, it works perfectly in WordPress 4.7.2.
    I have noticed that you’re not sanitizing the user-entered search parameter $s though and would recommend that you add this in the next update as a security fix.

    intval($s) for integers and sanitize_text_field($s) would be sufficient.

    For your reference: https://developer.ww.wp.xz.cn/plugins/security/securing-input/

    Best regards

The topic ‘Please add data sanitizing’ is closed to new replies.