WordPress 4.2 Stored XSS (klikki.fi)
8 points by mpalme on April 27, 2015 | 2 comments



I was surprised there is no plugin to limit the size of a comment, so I ended up editing `wp-comments-post.php` line 129 from:

if ( '' == $comment_content ) {

to:

if ( '' == $comment_content || 32768 < strlen($comment_content) ) {


I was surprised that the PHP database access layer doesn't throw an error and abort the transaction (like the other DAL I know would do).
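
The size check from the first comment can also live outside core, so it is not lost when `wp-comments-post.php` is replaced by an update. This is an added example, not code from the thread or from WordPress: a small plugin hooked on the `preprocess_comment` filter. The function and constant names are hypothetical, and the 32768-byte limit is the one used in the comment above.

```php
<?php
/**
 * Plugin Name: Comment Length Limit (added example)
 * Description: Rejects comments whose body exceeds a fixed byte length.
 */

// Limit taken from the thread; strlen() counts bytes, not characters,
// so multi-byte UTF-8 text reaches the limit sooner.
const EXAMPLE_MAX_COMMENT_BYTES = 32768;

// 'preprocess_comment' is applied in wp_new_comment() before the
// comment is written to the database.
add_filter( 'preprocess_comment', 'example_reject_oversized_comment' );

/**
 * Stop processing when the comment body is over the limit.
 *
 * @param array $commentdata Comment fields as submitted.
 * @return array Unchanged comment fields when the size is acceptable.
 */
function example_reject_oversized_comment( $commentdata ) {
    $content = isset( $commentdata['comment_content'] )
        ? (string) $commentdata['comment_content']
        : '';

    if ( strlen( $content ) > EXAMPLE_MAX_COMMENT_BYTES ) {
        // Reject outright instead of trimming: a silently shortened
        // body is no longer the text the submitter sent.
        wp_die(
            esc_html( sprintf(
                'Comment is too long (limit: %d bytes).',
                EXAMPLE_MAX_COMMENT_BYTES
            ) ),
            'Comment rejected',
            array( 'response' => 413, 'back_link' => true )
        );
    }

    return $commentdata;
}
```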



