View Single Post
  #1  
Old April 8th, 2012, 06:42 AM
rossboardman rossboardman is offline
 
Join Date: May 2010
Posts: 21
Exclamation Possible XSS flaw in simple search widget/results

Hi

I'm using the simple search widget for my store, but I noticed it's not stripping html when outputting the search term and I'm worried about possible cross site scripting issues.

The search page view has these lines in it:

Code:
<?php if (@$_GET['word']){ ?><li><b>Word: </b>[store.get param="word"]</li><?php } ?>
  <?php if (@$_GET['merchant']){ ?><li><b>Merchant: </b>[store.get param="merchant"]</li><?php } ?>
  <?php if (@$_GET['tags']){ ?><li><b>Tags: </b>[store.get param="tags"]</li><?php } ?>
  <?php if (@$_GET['price']){ ?><li><b>Price: </b>[store.get param="price"]</li><?php } ?>
which looks like it's not doing much clean up of the strings so I'd like some help cleaning up the string and also making sure nothing is actually getting executed on the database that could be potentially harmful.

Is there an existing wordpress function I could use to clean things up for the front end?

Cheers.