XSS: Cross Site Scripting in POST body

  • Resolved andyjay83

    (@andyjay83)


    4 years, 10 months ago

    I received a notification to whitelist the action of trying to edit a button in my site origin live editor.

    After I did, I still wasn’t able to edit the button. When I clicked on it I would just get a white screen. At the top right hand corner of the white screen it said:

    Wed, 13 May 2020 22:47:31 GMT

    Thats it.

    I’ve included a link here as a screenshot of what I’m seeing in wordfence when I expand the row.

    I don’t know if this is an attack or not. My IP address and Hosting are mine in the wordfence report.

    Does anyone know? And if it’s not how can i stop this action from happening so i can edit what i want to edit?

    Thanks so much for your time.

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hi @andyjay83,

    Can you try adding this whitelist rule?

    1. Go to Wordfence -> All Options -> Whitelisted URLs
    2. Put /wp-admin/admin-ajax.php for the URL
    3. Select Param Type: POST Body for the dropdown
    4. Put instance for the Param Name
    5. Add, and Save Changes

    For example: https://i.imgur.com/atHgZoG.png

    Dave

    Thread Starter andyjay83

    (@andyjay83)

    Thanks Dave that worked.

    Does that mean everything is okay? Anything to worry about do you think?

    It should work now, I think what happened is that Wordfence wasn’t able to automatically whitelist that parameter properly.

    Dave

    Thread Starter andyjay83

    (@andyjay83)

    Ok thanks Dave. No need to worry about a security risk?

    Your site should be fine. What happened was that Wordfence was blocking legitimate requests to save your website (using the live editor). It detected that you were adding HTML/scripts, so it flagged the request as potentially malicious.

    Dave

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘XSS: Cross Site Scripting in POST body’ is closed to new replies.