WordPress.org

Profiles

henrisalo

Profile picture of henrisalo
  • Member Since: September 14th, 2011
  • Find me on:

  • Created a topic, Sanitize user input, on the site WordPress Support Forums

    5 days ago

  • Created a topic, CVE-2014-5368: Parameter Remote Path Traversal File Access, on the site WordPress Support Forums

    9 months ago

  • Created a topic, CVE-2013-4117, on the site WordPress Support Forums

    1 year ago

  • Created a topic, CVE-2014-3114, on the site WordPress Support Forums

    1 year ago

  • Posted a reply to "XSS security vulnerability", on the site WordPress Support Forums:
    Reproduced issue in 2.3.3 version of this plugin. Emailed to plugins@wordpress.org as I do not…

    1 year ago

  • Posted a reply to "XSS security vulnerability", on the site WordPress Support Forums:
    I can try to fix that vulnerability for you. I have no way of contacting…

    1 year ago

  • Posted a reply to "XSS security vulnerability", on the site WordPress Support Forums:
    No. Plugin category-grid-view-gallery is still affected by CVE-2013-4117 and maintainer of the plugin has not…

    1 year ago

  • Created a topic, Please visit URL, on the site WordPress Support Forums

    1 year ago

  • Created a topic, Issue: content spoofing, on the site WordPress Support Forums

    1 year ago

  • Posted a reply to "Security vulnerability CVE-2013-7240 directory traversal", on the site WordPress Support Forums:
    Sorry for double post.

    1 year ago

  • Created a topic, Security vulnerability CVE-2013-7240 directory traversal, on the site WordPress Support Forums

    1 year ago

  • Created a topic, Security vulnerability CVE-2013-7240 directory traversal, on the site WordPress Support Forums

    1 year ago

  • Posted a reply to "PageflipBook pageflipbook_language parameter local file inclusion", on the site WordPress Support Forums:
    In the future could you please include changes to changelog (in your http://plugins.svn.wordpress.org/wppageflip/trunk/readme.txt). It would…

    2 years ago

  • Created a topic, XSS security vulnerability, on the site WordPress Support Forums

    2 years ago

  • Posted a reply to "[Plugin: WP CleanFix] Remote Code Execution Warning", on the site WordPress Support Forums:
    This issue is resolved. Please see: https://github.com/wpscanteam/wpscan/issues/186

    2 years ago

  • Created a topic, Add changelog to update emails, on the site WordPress Support Forums

    2 years ago

  • Created a topic, Please update changelog, on the site WordPress Support Forums

    2 years ago

  • Created a topic, PageflipBook pageflipbook_language parameter local file inclusion, on the site WordPress Support Forums

    2 years ago

  • Posted a reply to "Typo in wpVersionFailed()", on the site WordPress Support Forums:
    Another typo in: mail-on-update.php: 125 //inlcude wordpress update functions

    2 years ago

  • Created a topic, Typo in wpVersionFailed(), on the site WordPress Support Forums

    2 years ago

  • Created a topic, [Plugin: Flexible Custom Post Type] Vulnerability fixed in 0.1.7, on the site WordPress Support Forums

    3 years ago

  • Posted a reply to "[Plugin: WP-FaceThumb] Reflected XSS-vulnerability CWE-79", on the site WordPress Support Forums:
    Please use CVE-2012-2371 for this issue. Add it to your changelog if possible, thanks.

    3 years ago

  • Posted a reply to "[Plugin: WP-FaceThumb] Reflected XSS-vulnerability CWE-79", on the site WordPress Support Forums:
    I have not verified this yet. I am not the original founder of this vulnerability.

    3 years ago

  • Posted a reply to "[Plugin: WP-FaceThumb] Reflected XSS-vulnerability CWE-79", on the site WordPress Support Forums:
    This was public issue already. I did not create the original announcement. More people can…

    3 years ago

  • Created a topic, [Plugin: WP-FaceThumb] Reflected XSS-vulnerability CWE-79, on the site WordPress Support Forums

    3 years ago

  • Created a topic, [Plugin: WordPress Integrator] wp-login.php redirect_to Parameter XSS, on the site WordPress Support Forums

    3 years ago

  • Created a topic, [Plugin: Advanced Text Widget] Call to undefined function plugin_basename(), on the site WordPress Support Forums

    3 years ago

  • Posted a reply to "[Plugin: bSuite] XSS security vulnerability in 407", on the site WordPress Support Forums:
    CVE-2011-4955 assigned.

    3 years ago

  • Posted a reply to "[Plugin: bSuite] XSS security vulnerability in 407", on the site WordPress Support Forums:
    Asked CVE-identifier in here: http://seclists.org/oss-sec/2012/q2/89

    3 years ago

  • Created a topic, [Plugin: All-in-One Event Calendar] CVE-2012-1835 XSS vulnerabilities, on the site WordPress Support Forums

    3 years ago

  • Posted a reply to "[Plugin: WP Related Posts] ALERT: Vulnerabilities {Fixed]", on the site WordPress Support Forums:
    Version 1.1 Security update. Added XSS and CSRF protection.

    3 years ago

  • Posted a reply to "[Plugin: Pretty Link Lite] 1.5.2 XSS vulnerability", on the site WordPress Support Forums:
    This is now fixed in the version 1.5.6. Could plugin owner add CVE-2011-4595 to the…

    3 years ago

  • Posted a reply to "can't find uploadify plugin", on the site WordPress Support Forums:
    I think this plugin was pulled out, because of this serious security issue: http://seclists.org/bugtraq/2011/Feb/242

    3 years ago

  • Posted a reply to "[Plugin: bSuite] XSS security vulnerability in 407", on the site WordPress Support Forums:
    It is great news that you reacted to this case. This has been public for…

    3 years ago

  • Posted a reply to "[Plugin: bSuite] XSS security vulnerability in 407", on the site WordPress Support Forums:
    Probably a working solution: http://osvdb.org/show/osvdb/74046

    3 years ago

  • Created a topic, [Plugin: bSuite] XSS security vulnerability in 407, on the site WordPress Support Forums

    3 years ago

  • Created a topic, [Plugin: Inline Gallery] XSS vulnerability in 0.3.9, on the site WordPress Support Forums

    3 years ago

  • Posted a reply to "[Plugin: GRAND FlAGallery - Best Photo & Media Gallery] XSS-vulnerability", on the site WordPress Support Forums:
    http://osvdb.org/show/osvdb/77649

    3 years ago

  • Posted a reply to "WordPress advanced-text-widget Plugin Cross-Site Scripting Vulnerabilities", on the site WordPress Support Forums:
    Fixed in 2.0.2.

    3 years ago

  • Posted a reply to "[Plugin: GRAND FlAGallery - Best Photo & Media Gallery] XSS-vulnerability", on the site WordPress Support Forums:
    I solved this: http://wordpress.org/support/topic/plugin-grand-flagallery-best-photo-media-gallery-another-xss-vulnerability-report-flagshowphppid and let's move conversation here. 1.5, 1.51 and 1.52 was tested…

    3 years ago

  • Posted a reply to "[Plugin: GRAND FlAGallery - Best Photo & Media Gallery] Another XSS-vulnerability report flagsho", on the site WordPress Support Forums:
    Please see: http://wordpress.org/support/topic/plugin-grand-flagallery-best-photo-media-gallery-xss-vulnerability

    3 years ago

  • Posted a reply to "[Plugin: GRAND FlAGallery - Best Photo & Media Gallery] XSS-vulnerability", on the site WordPress Support Forums:
    Could you please tell me how this was fixed as it is fixed says your…

    3 years ago

  • Posted a reply to "[Plugin: Embedded Video] WARNING!!! This plugin will get your site hacked!!", on the site WordPress Support Forums:
    If I contribute patch is it possible that maintainer will add it or can WordPress…

    3 years ago

  • Created a topic, [Plugin: GRAND FlAGallery - Best Photo & Media Gallery] Another XSS-vulnerability report flagsho, on the site WordPress Support Forums

    3 years ago

  • Posted a reply to "[Plugin: GRAND FlAGallery - Best Photo & Media Gallery] XSS-vulnerability", on the site WordPress Support Forums:
    So how did you verify this issue exists? SCM URL: http://plugins.svn.wordpress.org/flash-album-gallery/trunk/changelog.txt """ GRAND FlAGallery by…

    3 years ago

  • Posted a reply to "[Plugin: Pretty Link Lite] 1.5.2 XSS vulnerability", on the site WordPress Support Forums:
    This seem to be fixed in 1.5.4. I verified.

    3 years ago

  • Posted a reply to "[Plugin: Pretty Link Lite] 1.5.2 XSS vulnerability", on the site WordPress Support Forums:
    CVE-2011-4595 has been assigned to this issue.

    3 years ago

  • Created a topic, [Plugin: Pretty Link Lite] 1.5.2 XSS vulnerability, on the site WordPress Support Forums

    3 years ago

  • Posted a reply to "[Plugin: Enable Latex] False-positive remote file include vulnerability?", on the site WordPress Support Forums:
    As my previous testing did not work and you said those lines I think this…

    3 years ago

  • Created a topic, [Plugin: Enable Latex] False-positive remote file include vulnerability?, on the site WordPress Support Forums

    3 years ago