bedard5115

Forum Replies Created

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • September 7th, 2024 at 06:30 in reply to: Split: XSS vulnerability reported by WordFence/Jetpack #148796
    bedard5115
    Participant

    More information. Please let me know if there’s a fix. Jetpack’s fix is to remove the mantra plug-in.

    Themes Vulnerabilities
    Mantra <= 3.3.2 – Authenticated (Contributor+) Stored Cross-Site Scripting
    Description
    The Mantra theme for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

    Affects Themes
    mantra
    No known fix
    References
    CVE
    CVE-2024-44056
    URL
    https://www.wordfence.com/threat-intel/vulnerabilities/id/ced6450a-7d5a-4091-8181-98c005e74346
    Classification
    Type
    XSS
    OWASP top 10
    A7: Cross-Site Scripting (XSS)
    CWE
    CWE-79
    CVSS
    6.4 (medium)
    Miscellaneous
    Original Researcher
    stealthcopter
    Verified
    No
    WPVDB ID
    bf10fd17-849d-404a-8da4-ad633e048c24
    Timeline
    Publicly Published
    2024-08-29 (about 9 days ago)
    Added
    2024-09-05 (about 1 days ago)
    Last Updated
    2024-09-05 (about 1 days ago)

    January 29th, 2022 at 02:19 in reply to: Links do not work after upgrade to 3.3.1 #125951
    bedard5115
    Participant

    Thanks. My immediate workaround was just to deal with the text widget’s purpose in another way and I removed it. Everything now works. Thanks!

    Website: bedard.com

    January 21st, 2022 at 07:01 in reply to: Links do not work after upgrade to 3.3.1 #125637
    bedard5115
    Participant

    Hi. I’m experiencing links on a category page not working. The links in the widget work, but nothing in the post excerpt section, including the twitter and facebook buttons. Thanks. See the link below.

    https://bedard.com/category/toughest-school-in-north-america

    June 6th, 2020 at 19:11 in reply to: Photos appear twice on home page #103703
    bedard5115
    Participant

    Cannot thank you enough. I have gotten really comfortable with Mantra and I was starting to get torqued in unnatural ways about the NextGen Gallery functions. I publish to publish, so I might as well look decent doing it and photos please people. Thanks Zed, I won’t wait so long next time something comes up. I appreciate your tenacity.

    June 5th, 2020 at 00:43 in reply to: Photos appear twice on home page #103644
    bedard5115
    Participant

    Same behavior on 2020. If I had time, I would move everything over to a new style. Thanks for fixing the post summary page issue. That was annoying. I rely alot on images, as you can see. I very much appreciate your time. Mantra has no equal.

    May 31st, 2020 at 23:01 in reply to: Photos appear twice on home page #103473
    bedard5115
    Participant
    This reply is private.
    May 28th, 2020 at 17:53 in reply to: Photos appear twice on home page #103302
    bedard5115
    Participant
    This reply is private.
  • Author
    Posts
Viewing 7 posts - 1 through 7 (of 7 total)