Comments on: Ajax Edit Comments now with Move Comments feature

By: Rene

Rene — Tue, 29 Sep 2009 17:30:07 +0000

fixed now… good to know. nice! as i pointed out in my post, rejecting bogus action parameters would be best practice. better than just sanitizing.

By: Ajay

Ajay — Tue, 29 Sep 2009 17:25:35 +0000

Should be fixed now!

However, thanks to you pointing this out, Ronald and me are working on making this even more secure.

By: Rene

Rene — Tue, 29 Sep 2009 17:22:58 +0000

Your site is still vulnerable: ttp://ajaydsouza.com/wp-content/plugins/wp-ajax-edit-comments/php/move-comment.php?action=%22%3E%3C/input%3E%3Cdiv%20style=position:absolute;top:0;left:0;width:2000px;height:1000px;background-color:black;font-size:120px;color:red;%3ETHIS%20SHOULD%20NOT%20BE%3Cbr%3EPOSSIBLE%3C/div%3E%3Cspan%20style=color:black%3E%3Cinput%20type=%22hidden

let me suggest you update to the version you just have released… lmao

By: Ajay

Ajay — Tue, 29 Sep 2009 15:47:45 +0000

The latest version should fix those vulnerabilities

By: kestrel

kestrel — Tue, 29 Sep 2009 14:11:27 +0000

Guys – thanks so much for the quick fix. Sounds like there may be an additional vulnerability in wp-ajax-edit-comments?

It’s too bad WP doesn’t have an “urgent plugin update” function that puts a notification at the top of the admin page (or maybe it does??). I’m sure this kind of thing happens a lot with other plugins.

By: Rene

Rene — Tue, 29 Sep 2009 05:25:06 +0000

Do yourself a favor and fix your wp-ajax-edit-comments too. Wouldnt be bad if you were a little more communicative about this issue and WARN those who have installed it as well.

By: Ajay

Ajay — Tue, 29 Sep 2009 01:46:15 +0000

It’s been fixed and the new version 2.4.0.3 has been uploaded

By: Rene

Rene — Mon, 28 Sep 2009 17:56:33 +0000

Ajay you gotta fix this:

—

By: kestrel

kestrel — Tue, 22 Sep 2009 03:10:45 +0000

thanks!! also to clarify, actually you only get the “request failed” error if the comment is in need of moderation. if an unregistered user is “trusted” and the post is automatically approved, you get the other situation (post disappears without “success” message, leaving user wondering exactly what happened).

Anyway thanks to you and Ronald for this plugin which is becoming more useful at light speed and in unexpected ways!

By: Ajay

Ajay — Tue, 22 Sep 2009 02:44:38 +0000

Hi Kestrel,

When a user requests removal, the comment moves to the moderated queue, hence the “request failed”.

But, yes it can be worded better.

I’ll pass this on to Ronald and look into it myself. We can try implementing some of the suggestions above.