If you have troubles since the update to WordPress 4.5 please read this post before opening a new thread.

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
  • #17425

    I recently got this message from a stranger via my contact form on my website (www.dancinshoesdj.com). Is there anything to it?

    I’m a Finnish security researcher. This site is vulnerable to reflected Cross-site Scripting attacks. Please see my web-site – latest blog entry – about the issue that affects multiple themes by Kriesi.

    I would have posted this information to Kriesi’s support forum, but I’m not their customer and therefore cannot login. I feel I must now contact some vulnerable sites, because you have the possibility to ask for corrections from the developer.

    Kind Regards,

    Janne Ahlberg



    Hi greensleeves,

    I believe Kriesi is already aware of the issues Janne presents but just in case I’m tagging Kriesi as well as the rest of the support team to this thread.





    See: http://www.kriesi.at/support/topic/xss

    Best regards,




    I am aware and the updates are already in the pipeline, once they are approved from themeforest you will be able to download them ;)



Viewing 4 posts - 1 through 4 (of 4 total)

The topic ‘Broadscope theme vulnerable to Cross-site scripting attacks?’ is closed to new replies.