Cross Site Scripting issues in: FilterCourseElementor.php

[YouGina]

The following lines are vulnerable to XSS:

learnpress/inc/ExternalPlugin/Elementor/Widgets/Course/FilterCourseElementor.php

Line 203 in 2e7a046

echo '<span class="' . $classListItem . '" data-name="term_id" data-value="' . $cat . '">' . get_term($cat, 'course_category')->name . '' . $icon_move . '</span>';

learnpress/inc/ExternalPlugin/Elementor/Widgets/Course/FilterCourseElementor.php

Line 210 in 2e7a046

echo '<span class="' . $classListItem . '" data-name="tag_id" data-value="' . $tag . '">' . get_term($tag, 'course_tag')->name . '' . $icon_move . '</span>';

learnpress/inc/ExternalPlugin/Elementor/Widgets/Course/FilterCourseElementor.php

Lines 215 to 219 in 2e7a046

	if ($_GET['sort_by'] == 'on_free') {
	echo '<span class="' . $classListItem . '" data-name="sort_by" data-value="' . $_GET['sort_by'] . '">' . __('Free', 'learnpress') . '' . $icon_move . '</span>';
	} else {
	echo '<span class="' . $classListItem . '" data-name="sort_by" data-value="' . $_GET['sort_by'] . '">' . __('Paid', 'learnpress') . '' . $icon_move . '</span>';
	}

learnpress/inc/ExternalPlugin/Elementor/Widgets/Course/FilterCourseElementor.php

Lines 223 to 227 in 2e7a046

	if ($_GET['c_level'] == 'all') {
	echo '<span class="' . $classListItem . '" data-name="c_level" data-value="' . $_GET['c_level'] . '">' . __('All Levels', 'learnpress') . '' . $icon_move . '</span>';
	} else {
	echo '<span class="' . $classListItem . '" data-name="c_level" data-value="' . $_GET['c_level'] . '">' . $_GET['c_level'] . '' . $icon_move . '</span>';
	}

learnpress/inc/ExternalPlugin/Elementor/Widgets/Course/FilterCourseElementor.php

Line 234 in 2e7a046

echo '<span class="' . $classListItem . '" data-name="c_authors" data-value="' . $_GET['c_authors'] . '">' . $user->display_name . '' . $icon_move . '</span>';

This code is disabled in the current version that is downloadable via wordpress.org, but enabled in the current development version. Would be great if this could be solved before going to production.

[tungnxt89]

Hi YouGina,

Currently, we don't release this Widget. But on the code we'll fix it on v4.2.7.1

Thanks.
Best Regard!