Title: Vulnerability found
Last modified: August 22, 2016

---

# Vulnerability found

 *  [Gastonq_1](https://wordpress.org/support/users/gastonq_1/)
 * (@gastonq_1)
 * [11 years, 4 months ago](https://wordpress.org/support/topic/vulnerabilty-found/)
 * The title input of a webform is stored in the db unsanitized. The ‘Manage item’
   section, in the admin page, prints the title submitted in the webform, without
   cleaning it first. A user may input JavaScript.
 * [https://wordpress.org/plugins/entrywizard/](https://wordpress.org/plugins/entrywizard/)

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [Ilia Tyker](https://wordpress.org/support/users/joanne123/)
 * (@joanne123)
 * [11 years, 4 months ago](https://wordpress.org/support/topic/vulnerabilty-found/#post-5734528)
 * Thanks for catching that!
 * I’ve put out a new version with a fix.
 *  Thread Starter [Gastonq_1](https://wordpress.org/support/users/gastonq_1/)
 * (@gastonq_1)
 * [11 years, 4 months ago](https://wordpress.org/support/topic/vulnerabilty-found/#post-5734579)
 * I’ve updated it but still having the same issue. The ‘manage items’ section echoes
   the title or the caption of the submitted data without cleaning it. E.g.: the
   image pair form has a title called ‘caption’. If a user sets the caption to `"
   ><script>alert('hello')</script>` and then hits submit, the server will store
   it without cleaning it. Thus, when the admin asks for information, such as text
   inputs or images, it’ll pop up an alert box. htmlspecialchars() before updating
   or inserting into the db would do the job.

   Also, I found a CSRF vuln. An anonymous user is able to update any data stored
   in the server for another user, simply by changing the value of the hidden field
   that is above the delete button. The value must match an existing item_id. Hope
   I’ve been as clear as possible. Feel free to contact me, I’ll help you.
 *  Plugin Author [Ilia Tyker](https://wordpress.org/support/users/joanne123/)
 * (@joanne123)
 * [11 years, 4 months ago](https://wordpress.org/support/topic/vulnerabilty-found/#post-5734634)
 * We need to take this off-line. Check the about us / contacts page on the site
   for richmond hill camera club, look for webmaster.
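The two defects described in the second reply above (caption echoed unescaped into the admin ‘manage items’ page, and an update form whose hidden item_id is the only thing binding the request to an item), shown as a vulnerable output function beside a hardened one, plus a hardened update handler. This is an added example, not EntryWizard’s code: the table name, column names and function names are assumptions, and it escapes on output with esc_html() (the WordPress convention) rather than before the database insert as suggested in the thread; the effect on the stored payload is the same.

```php
<?php
// Added example (not EntryWizard's code). Table/column/function names are assumed.

// --- 1. Stored XSS in the admin "Manage items" page -------------------------
// Vulnerable: the caption is echoed as raw HTML, so a stored value of
//   "><script>alert('hello')</script>
// runs in the administrator's browser when the list is rendered.
function ew_render_caption_vulnerable( $item ) {
    echo '<td>' . $item->caption . '</td>';
}

// Hardened: escape at output time. esc_html() turns < > " ' & into entities,
// so the stored payload is displayed as inert text instead of being executed.
function ew_render_caption( $item ) {
    echo '<td>' . esc_html( $item->caption ) . '</td>';
}

// --- 2. CSRF / missing ownership check on the update form -------------------
// Hardened form: a nonce is emitted next to the hidden item_id field.
function ew_render_update_form( $item_id ) {
    echo '<form method="post">';
    wp_nonce_field( 'ew_update_item_' . (int) $item_id, 'ew_nonce' );
    echo '<input type="hidden" name="item_id" value="' . (int) $item_id . '">';
    echo '<button name="ew_update">Update</button></form>';
}

// Hardened handler. The nonce only proves the request came from a form this
// site rendered for this item_id; the ownership check is what stops a user from
// editing someone else's item by changing the hidden field. Requiring a login
// for updates is an assumption about how the plugin is meant to be used.
function ew_handle_update() {
    global $wpdb;
    if ( empty( $_POST['ew_update'] ) ) { return; }
    $item_id = absint( $_POST['item_id'] );
    check_admin_referer( 'ew_update_item_' . $item_id, 'ew_nonce' ); // dies on a bad or missing nonce
    if ( ! is_user_logged_in() ) { wp_die( 'Not allowed', '', 403 ); }
    $table = $wpdb->prefix . 'ew_items'; // assumed table name
    $owner = $wpdb->get_var( $wpdb->prepare( "SELECT user_id FROM {$table} WHERE item_id = %d", $item_id ) );
    if ( null === $owner || ( (int) $owner !== get_current_user_id() && ! current_user_can( 'manage_options' ) ) ) {
        wp_die( 'Not allowed', '', 403 );
    }
    // Input is normalised on the way in; output is still escaped with esc_html() above.
    $caption = sanitize_text_field( wp_unslash( $_POST['caption'] ?? '' ) );
    $wpdb->update( $table, array( 'caption' => $caption ), array( 'item_id' => $item_id ), array( '%s' ), array( '%d' ) );
}
```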


The topic ‘Vulnerability found’ is closed to new replies.


 * 3 replies
 * 2 participants
 * Last reply from: [Ilia Tyker](https://wordpress.org/support/users/joanne123/)
 * Last activity: [11 years, 4 months ago](https://wordpress.org/support/topic/vulnerabilty-found/#post-5734634)
 * Status: not resolved