<?xml version="1.0" encoding="UTF-8"?>
	<rss version="2.0"
		xmlns:content="http://purl.org/rss/1.0/modules/content/"
		xmlns:wfw="http://wellformedweb.org/CommentAPI/"
		xmlns:dc="http://purl.org/dc/elements/1.1/"
		xmlns:atom="http://www.w3.org/2005/Atom"

			>

	<channel>
		<title>BlueOwlCreative  &#187;  Topic: Sanitize User Input</title>
		<atom:link href="http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/feed/" rel="self" type="application/rss+xml" />
		<link>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/feed/</link>
		<description></description>
		<pubDate>Fri, 17 Jul 2026 21:57:06 +0000</pubDate>
		<generator>http://bbpress.org/?v=2.5.3-5249</generator>
		<language>en-US</language>

		
														
					
				<item>
					<guid>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21241</guid>
					<title><![CDATA[Sanitize User Input]]></title>
					<link>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21241</link>
					<pubDate>Mon, 22 Sep 2014 18:22:32 +0000</pubDate>
					<dc:creator>TSV</dc:creator>

					<description>
						<![CDATA[
						<p>Our security service, SiteLock, keeps telling us that we have a XSS vulnerability and we should edit our index.php to sanitize user input. There are over 30+ index.php with our website. They keep referencing: <a href="http://WebsiteURL.com?=1&#038;s=Search" rel="nofollow">http://WebsiteURL.com?=1&#038;s=Search</a>&#8230;</p>
<p>Do you know which index.php file I need to &#8220;sanitize&#8221;? Is it within our theme or within the WP framework?</p>
						]]>
					</description>

					
					
				</item>

			
				<item>
					<guid>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21245</guid>
					<title><![CDATA[Reply To: Sanitize User Input]]></title>
					<link>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21245</link>
					<pubDate>Tue, 23 Sep 2014 09:40:42 +0000</pubDate>
					<dc:creator>BlueOwl</dc:creator>

					<description>
						<![CDATA[
						<p>Hi,</p>
<p>You sure this is the correct URL? I see some domain for sale message. <img src="http://blueowlcreative.com/support_wp/wp-includes/images/smilies/icon_smile.gif" alt=":)" class="wp-smiley" /> </p>
						]]>
					</description>

					
					
				</item>

			
				<item>
					<guid>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21329</guid>
					<title><![CDATA[Reply To: Sanitize User Input]]></title>
					<link>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21329</link>
					<pubDate>Sun, 26 Oct 2014 19:25:00 +0000</pubDate>
					<dc:creator>meteor</dc:creator>

					<description>
						<![CDATA[
						<p>I have the same problem. Search page prints the search item without sanitizing the term. This results a reflective-XSS security problem. For more information:</p>
<p><a href="https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)" rel="nofollow">https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)</a></p>
<p><a href="https://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_(OTG-INPVAL-001)" rel="nofollow">https://www.owasp.org/index.php/Testing_for_Reflected_Cross_site_scripting_(OTG-INPVAL-001)</a></p>
<p>Can you submit updated version of the template?</p>
						]]>
					</description>

					
					
				</item>

			
				<item>
					<guid>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21331</guid>
					<title><![CDATA[Reply To: Sanitize User Input]]></title>
					<link>http://blueowlcreative.com/support_wp/forums/topic/sanitize-user-input/#post-21331</link>
					<pubDate>Mon, 27 Oct 2014 08:30:31 +0000</pubDate>
					<dc:creator>BlueOwl</dc:creator>

					<description>
						<![CDATA[
						<p>Hey,</p>
<p>This is default WP functionality and is not theme related.<br />
And of course it does escape the special characters, did you actually try to pass some of the test strings shown in your examples?</p>
						]]>
					</description>

					
					
				</item>

					
		
	</channel>
	</rss>

