Hi there,
We have just discovered a bug in the hide_my_wp plugin, namely in the the code block starting from 320 line of plugins/hide_my_wp/init.php which replaces all occurrences of name=’s’ or name=”s” to name=’NEW_VAR’.
—–
$this->preg_replace_old[] = “/name=(‘|\”)s(‘|\”)/”;
$this->preg_replace_new[] = “name='” . $new_search_query . “‘”;
—–
It causes incorrect patching of search query vars in various places, e.g. theme, 3rd party plugins and embedded javascripts.
In our case it incorrectly patches a jQuery selector, e.g.
$( ‘input[name=”s”]’ ) is replaced with $( ‘input[name=’s’]’ ) which fails with an exception on the page load.
We suggest fixing the regular expressions as follows:
——
$this->preg_replace_old[] = “/name=(‘|\”)s(‘|\”)/”;
$this->preg_replace_new[] = “name=$1” . $new_search_query . “$2”;
——
Could you review it and put it into the upstream.
Thanks
.
