Make WordPress Core

Opened 18 years ago

Closed 18 years ago

#3053 closed defect (bug) (worksforme)

several bugs (including security related)

Reported by: Denis-de-Bernardy
Owned by:
Milestone:
Priority: normal
Severity: normal
Version: 2.1
Component: Administration
Keywords:
Focuses:
Cc:

Description

I hired a tester to conduct a series of tests on a WP MU install, in order to check for bugs and potential XSS issues.

His job was to post the following string in every field he could access from the admin area:

<script>alert('hello');</script> t\e's"t <i>test</i>

And to report anything that seemed wrong. His feedback, for information:


  1. Write Post: (Url: http://azmi.rehashthegame.com/wp-admin/post-new.php)

Issue: When I entered the string "<script>alert('hello');</script> t\e's"t <i>test</i>" in the HTMLarea, it displays as "alert('hello'); te's"t test " at the front end, and when I entered the same string in simple text fields it displays like "<script>alert('hello');</script> t\e's"t <i>test</i>", but this time no alert message appears on the screen.

  2. Write Pages: (/wp-admin/post-new.php)

Issue: When I hit the "Save" button without providing any values, the page is created with blank values. We should validate this with a JavaScript check: if the values are blank, the form should not be posted.

  3. Add Category: (Url: /wp-admin/categories.php#addcat1.)

Issue: Again the same issue. No proper validation is applied on the fields, so a category without any name or any other values is successfully added to the system.

  4. BlogRoll Management: (/wp-admin/link-manager.php)

Issue: Unable to select/deselect the checkbox placed at the top.

  5. Add Link: (/wp-admin/link-add.php)

Issue: The form accepts blank values, and the link is added with the blank values.

  6. Users:

Issue: While adding new users, the Email field allows me to enter any value. The script should validate the value at the client end, and if it doesn't contain '@', it should display the proper message and the form should not be submitted.

Functional Issues:

Users:

  1. When I tried to search for the script "<script>alert('hello');</script> t\e's"t <i>test</i>", it displays the "Hello" message and throws the error:

Warning: Invalid argument supplied for foreach() in /wp-admin/users.php on line 372

  2. Unable to add a new user to the list.
  3. No error message is displayed when I entered a weird value (xyz000) for the Email field; although the user is not created, it should display the proper message to the user.
  4. The error page should be properly formatted. Right now it only displays the error message without the header and footers, which breaks the consistency of the application.

(/wp-admin/profile-update.php)

  • While searching "azmi.ali" the error below occurs:

Warning: Invalid argument supplied for foreach() in /wp-admin/users.php on line 372
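The outcomes reported above (tags stripped, string shown literally, alert fired) can be told apart mechanically when re-testing a fix. The following Python check is an added example, not part of the ticket or of WordPress; the function names, page labels and response bodies are constructed for illustration.

```python
import html
import re

# Probe string from the ticket (raw string, so the backslash is literal).
PROBE = r"""<script>alert('hello');</script> t\e's"t <i>test</i>"""

# The probe's script element and its inner text.
# \\? tolerates a backslash added in front of the quotes by quote-slashing.
SCRIPT_RE = re.compile(r"<script>alert\(\\?'hello\\?'\);</script>", re.IGNORECASE)
TEXT_RE = re.compile(r"alert\(\\?'hello\\?'\);")


def classify_reflection(body: str) -> str:
    """Classify how the probe appears in one HTML response body."""
    if SCRIPT_RE.search(body):
        return "raw"        # markup reflected without escaping
    decoded = html.unescape(body)
    if SCRIPT_RE.search(decoded):
        return "escaped"    # entity-encoded, rendered as literal text
    if TEXT_RE.search(decoded):
        return "stripped"   # tags removed, inner text kept
    return "absent"


def audit(pages: dict) -> dict:
    """Map each page label to its reflection class."""
    return {name: classify_reflection(body) for name, body in pages.items()}


# Constructed response bodies (not captured from a real install).
SAMPLES = {
    "post-body": r"""<p>alert('hello'); te's"t test</p>""",
    "post-title": "<h2>" + html.escape(PROBE) + "</h2>",
    "user-search": "<p>No results for " + PROBE + "</p>",
    "user-search-slashed": r"""<p>No results for <script>alert(\'hello\');</script></p>""",
    "dashboard": "<p>Nothing here</p>",
}

if __name__ == "__main__":
    for name, verdict in audit(SAMPLES).items():
        print(f"{name}: {verdict}")
```

Only the "raw" class indicates missing output escaping; "escaped" and "stripped" correspond to the two behaviours reported for the Write Post screen.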

Change History (2)

#1 @RuddO
18 years ago

Denis, I guess it's kind of rude to ask for this, but could you split this bug into several ones so they can be atomically tracked and solved, and stats more accurately reflect the truth behind WP bug hunting activity?

#2 @Nazgul
18 years ago

  • Resolution set to worksforme
  • Status changed from new to closed
  • Version set to 2.1

First of all, this isn't the place for WordPress MU bugs, although the list you give does relate to the normal WordPress core as well.

  1. Isn't this desired behaviour?
  2. See #3198.
  3. See #3199.
  4. Worksforme.
  5. See #3200.
  6. Worksforme.
  1. Worksforme.
  2. Worksforme.
  3. Worksforme.
  4. Worksforme.
  5. Worksforme.

Closing this ticket as worksforme as the still standing issues now have their own tickets.
