- This topic has 7 replies, 3 contibutors, and was last updated 9 years, 5 months ago by
.
Question
I do admit, this plugin is pretty awesome, but it is bringing up everything on pages, including shortcodes. For example, on accident I typed “dd” in the search field and all pages with shortcodes for my membership plugin cam up in the results, along with the shortcodes. There was no other text on these pages except for the shortcodes in brackets. Obviously this is a huge security issue as I do not want users to be able to see the shortcodes on my pages. Is this a known issue, and, if so, how do we resolve it?
Answers
@don4law this is NOT a known issue to my knowledge. Thank you for reporting that. I will pass this along.
Are we making any progress on this? If not, I may have to just deactivate this plugin, but that would be a shame because it does work well
@don4law I suggest you deactivate it. Since this is a free plugin it’s updates are typically lower priority but not ignored, it just takes longer to fix than the bigger theme and paid plugin issues we are working on. Sorry.
@
@don4law @tjchester
Can you help us replicate this issue? We actually added code a long time ago to remove shortcodes from the results, and from out testing it appears to still be working.
For example, assume I have shortcode named “my-shortcode” which when called echoes “hello world”.
When I use search term “my” it displays the post name with content as “hello world” in search result, but that’s it.@@don4law What is the membership plugin you’re using which is putting shortcodes into the search?
- The question ‘Huge Security Issue: BuddyPress Global Search TOO Global’ is closed to new replies.