Title: Security Bug Last modified: August 21, 2016 --- # Security Bug * [FuzzBaBa](https://wordpress.org/support/users/fuzzbaba/) * (@fuzzbaba) * [12 years ago](https://wordpress.org/support/topic/security-bug-4/) * Hello, I found A Stored xss Bug. * Reproduce this bug:- * 1:- Go to Clicky Configuration 2.Enter Xss Payload @ Site ID: 3. save 4.xss payload executed. it is stored xss. * yes it require admin access but it is also a valid bug.. as Bug bounty program over internet.. * patch & notify me ASAP * [https://wordpress.org/plugins/clicky/](https://wordpress.org/plugins/clicky/) Viewing 3 replies - 1 through 3 (of 3 total) * Thread Starter [FuzzBaBa](https://wordpress.org/support/users/fuzzbaba/) * (@fuzzbaba) * [12 years ago](https://wordpress.org/support/topic/security-bug-4/#post-4908906) * Xss Payload @ [http://pastebin.com/iyp2Cye2](http://pastebin.com/iyp2Cye2) * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [12 years ago](https://wordpress.org/support/topic/security-bug-4/#post-4908907) * FuzzBaBa? That isn’t the best way to report security bugs. * [http://codex.wordpress.org/FAQ_Security#Where_do_I_report_security_issues.3F](http://codex.wordpress.org/FAQ_Security#Where_do_I_report_security_issues.3F) * For a plugin that has security issues please report the details to plugins [at] wordpress.org and they can contact the author directly and/or suspend the plugin temporarily if need be. * Thread Starter [FuzzBaBa](https://wordpress.org/support/users/fuzzbaba/) * (@fuzzbaba) * [12 years ago](https://wordpress.org/support/topic/security-bug-4/#post-4908909) * okk Thankx ..i report it to WordPress… Viewing 3 replies - 1 through 3 (of 3 total) The topic ‘Security Bug’ is closed to new replies. * ![](https://ps.w.org/clicky/assets/icon.svg?rev=2107627) * [Clicky by Yoast](https://wordpress.org/plugins/clicky/) * [Support Threads](https://wordpress.org/support/plugin/clicky/) * [Active Topics](https://wordpress.org/support/plugin/clicky/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/clicky/unresolved/) * [Reviews](https://wordpress.org/support/plugin/clicky/reviews/) * 3 replies * 2 participants * Last reply from: [FuzzBaBa](https://wordpress.org/support/users/fuzzbaba/) * Last activity: [12 years ago](https://wordpress.org/support/topic/security-bug-4/#post-4908909) * Status: not resolved