Postie Plugin

Back to the TOC

As Oct. 2012 the Postie Plugin required the following change in postie_getmail.php

if(preg_match("@((%3C|<)/?script|<meta|document\.|\.cookie|\.createElement|onload\s*=|(eval|base64)\@is",$email)){	echo "possible XSS attack - ignoring email\n";	continue; }