Title: [Plugin: Infinite-Scroll] Security issue
Last modified: August 20, 2016

---

# [Plugin: Infinite-Scroll] Security issue

 *  Resolved [Julio Potier](https://wordpress.org/support/users/juliobox/)
 * (@juliobox)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/plugin-infinite-scroll-security-issue/)
 * Hello
 * You have to sanitize your data, especially data from the user’s side.
 * Example: go here:
    [http://SITE.COM/wp-admin/options-general.php?page=wp_infinite_scroll.php&default=presets](http://SITE.COM/wp-admin/options-general.php?page=wp_infinite_scroll.php&default=presets)
   and in any field type ‘ “>XSS ‘ (without the single quotes). This results in an XSS attack.
   OK, you have to be an admin to exploit it, so not a big deal, but use `esc_attr()`
   please 😉
 * See you!
 * [http://wordpress.org/extend/plugins/infinite-scroll/](http://wordpress.org/extend/plugins/infinite-scroll/)


 *  Plugin Contributor [beaver6813](https://wordpress.org/support/users/beaver6813/)
 * (@beaver6813)
 * [14 years, 3 months ago](https://wordpress.org/support/topic/plugin-infinite-scroll-security-issue/#post-2583912)
 * That’s a good spot, thanks Julio. I already run validation on all other option
   fields, it’s just the presets tab that is missing that kind of validation (it 
   doesn’t use WordPress to handle them as strictly speaking they’re not “options”).
   
   I’ll get a fix put in over the weekend, thanks for spotting it 🙂


The topic ‘[Plugin: Infinite-Scroll] Security issue’ is closed to new replies.
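The fix suggested in the thread, shown as an added example (not the plugin's own code): a settings field rendered with and without `esc_attr()`, using the report's test string written with a straight double quote. The field name, the preset array and the helper functions are hypothetical, and the `esc_attr()` fallback is a stand-in based on `htmlspecialchars()` so the file also runs outside WordPress.

```php
<?php
// Stand-in for running outside WordPress (assumption: approximates esc_attr()
// with htmlspecialchars). Inside WordPress the real esc_attr() is used instead.
if (!function_exists('esc_attr')) {
    function esc_attr($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
    }
}

// Constructed sample: a stored preset value as an admin might have typed it.
$preset = array(
    'content_selector' => '">XSS', // test string from the report
);

// Before: the value is concatenated straight into the attribute.
function render_field_unescaped($name, $value) {
    return '<input type="text" name="' . $name . '" value="' . $value . '" />';
}

// After: every value placed inside an attribute passes through esc_attr().
function render_field_escaped($name, $value) {
    return '<input type="text" name="' . esc_attr($name)
         . '" value="' . esc_attr($value) . '" />';
}

// Check: read the value attribute back and compare it with what was stored.
// If the stored text closed the attribute early, the two will differ.
function value_survives($html, $original) {
    if (!preg_match('/\svalue="([^"]*)"/', $html, $m)) {
        return false;
    }
    return html_entity_decode($m[1], ENT_QUOTES, 'UTF-8') === $original;
}

foreach ($preset as $name => $value) {
    $before = render_field_unescaped($name, $value);
    $after  = render_field_escaped($name, $value);

    echo 'unescaped: ' . $before . PHP_EOL;
    echo '  value stays inside attribute: '
        . var_export(value_survives($before, $value), true) . PHP_EOL;
    echo 'escaped:   ' . $after . PHP_EOL;
    echo '  value stays inside attribute: '
        . var_export(value_survives($after, $value), true) . PHP_EOL;
}
```

The same round-trip check works as a regression test for any settings tab that renders stored values without going through the WordPress options handling.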
