Project: Wordpress Plugin ZodiacPress 1.5.7

Vulnerability: #7524911 (2018-02-13 19:25:17)

Warning

Many of these findings are false positives or unexploitable vulnerabilities. Please create a working "PoC" exploit before reporting anything to the vendor!

Details:

Sink: PHP::echo
Risk: _GET
/zodiacpress/includes/admin/settings/display-settings.php:24 — `$active_tab` is derived from `$_GET['tab']` on line 24 and echoed into an HTML class attribute on line 30 (`echo 'wrap-' . $active_tab;`) without `esc_attr()`. Note that the value is only accepted when it is an existing key of `$settings_tabs` (`array_key_exists`) and is then passed through `sanitize_text_field()`, so exploitability depends on whether those tab keys can carry attacker-controlled content; confirm with a working PoC before reporting.
4   *
5   * @package     ZodiacPress
6   * @subpackage  Admin/Settings
7   * @copyright   Copyright (c) 2016-2017, Isabel Castillo
8   * @license     http://opensource.org/licenses/gpl-2.0.php GNU Public License
9  */
10  
11  if ( ! defined( 'ABSPATH' ) ) exit;
12  
13  /**
14   * Settings Page
15   *
16   * Renders the settings page contents.
17   *
18   * @return void
19   */
20  function zp_options_page() {
21  
22  	$settings_tabs = zp_get_settings_tabs();
23  	$settings_tabs = empty( $settings_tabs ) ? array() : $settings_tabs;
24 $active_tab = isset( $_GET['tab'] ) && array_key_exists( $_GET['tab'], $settings_tabs ) ? sanitize_text_field( $_GET['tab'] ) : 'natal';
25 $sections = zp_get_settings_tab_sections( $active_tab ); 26
Threat level 2

Callstack:

@FUNCTION::zp_options_page /zodiacpress/includes/admin/settings/display-settings.php:30
10  
11  if ( ! defined( 'ABSPATH' ) ) exit;
12  
13  /**
14   * Settings Page
15   *
16   * Renders the settings page contents.
17   *
18   * @return void
19   */
20  function zp_options_page() {
21  
22  	$settings_tabs = zp_get_settings_tabs();
23  	$settings_tabs = empty( $settings_tabs ) ? array() : $settings_tabs;
24  	$active_tab    = isset( $_GET['tab'] ) && array_key_exists( $_GET['tab'], $settings_tabs ) ? sanitize_text_field( $_GET['tab'] ) : 'natal';
25  	$sections      = zp_get_settings_tab_sections( $active_tab );
26  
27  	$section = isset( $_GET['section'] ) && ! empty( $sections ) && array_key_exists( $_GET['section'], $sections ) ? sanitize_text_field( $_GET['section'] ) : 'main';
28  	ob_start();
29  	?>
30 <div class="wrap <?php echo 'wrap-' . $active_tab; ?>">
31 <?php zp_extend_link(); 32 zp_feedback_link(); ?>