Title: Security problem in plugin
Last modified: August 21, 2016

---

# Security problem in plugin

 *  [mtp1376](https://wordpress.org/support/users/mtp1376/)
 * (@mtp1376)
 * [12 years, 8 months ago](https://wordpress.org/support/topic/security-problem-in-plugin/)
 * Hello, i just discovered a security bug in your plugin that gives an attacker
   power to get full control of the site using XSS attack.
 * Bug is XSS and it’s Stored in DB.
 * For more info contact me. (it’s Free :)) )
 * [http://wordpress.org/plugins/private-messages-for-wordpress/](http://wordpress.org/plugins/private-messages-for-wordpress/)

Viewing 2 replies - 1 through 2 (of 2 total)

 *  Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/)
 * (@jdembowski)
 * Forum Moderator and Brute Squad
 * [12 years, 8 months ago](https://wordpress.org/support/topic/security-problem-in-plugin/#post-4129575)
 * mtp1376 for any and all plugin related security issues please do not hesitate
   to send the details to plugins [at] wordpress.org.
 * Security related issues such as you’ve described are very serious and need to
   be addressed sooner than later.
 * [http://codex.wordpress.org/FAQ_Security](http://codex.wordpress.org/FAQ_Security)
 *  Thread Starter [mtp1376](https://wordpress.org/support/users/mtp1376/)
 * (@mtp1376)
 * [12 years, 8 months ago](https://wordpress.org/support/topic/security-problem-in-plugin/#post-4129576)
 * Thank you Jan, I’ll do it from now 🙂

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Security problem in plugin’ is closed to new replies.

 * ![](https://s.w.org/plugins/geopattern-icon/private-messages-for-wordpress.svg)
 * [Private Messages For WordPress](https://wordpress.org/plugins/private-messages-for-wordpress/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/private-messages-for-wordpress/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/private-messages-for-wordpress/)
 * [Active Topics](https://wordpress.org/support/plugin/private-messages-for-wordpress/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/private-messages-for-wordpress/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/private-messages-for-wordpress/reviews/)

 * 2 replies
 * 2 participants
 * Last reply from: [mtp1376](https://wordpress.org/support/users/mtp1376/)
 * Last activity: [12 years, 8 months ago](https://wordpress.org/support/topic/security-problem-in-plugin/#post-4129576)
 * Status: not resolved