[wp-trac] [WordPress Trac] #44220: Cross Site Scripting stored at ALPHA STORE Theme
WordPress Trac
noreply at wordpress.org
Thu May 24 21:51:13 UTC 2018
#44220: Cross Site Scripting stored at ALPHA STORE Theme
--------------------------+------------------------------
Reporter: francinys | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Themes | Version: trunk
Severity: critical | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by SergeyBiryukov):
Hi @francinys and welcome to Trac,
It appears that you're posting a comment as a user who is
[https://make.wordpress.org/core/handbook/testing/reporting-security-
vulnerabilities/#why-are-some-users-allowed-to-post-unfiltered-html
trusted to post arbitrary HTML] (users with Administrator or Editor role
by default).
This is often reported as a security vulnerability, if that's your
intention, this was the wrong location to post it. Please see the
directions for [https://make.wordpress.org/core/handbook/testing
/reporting-security-vulnerabilities/#where-do-i-report-security-issues
reporting a security vulnerability here].
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44220#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list