Last Change: Revision 189242 by tgriepen, 16 years ago. Commit Message: Rewriting logic using WPOL library; fixing issues from previous version; implementing new Settings API. File Size: 5.0 KB. Vulnerability Key Points: - The script uses JavaScript to replace the logo, which could potentially introduce XSS vulnerabilities if the user input is not properly sanitized. - The is directly used in , which could allow for injection if is not properly validated. - The function directly manipulates the DOM using and properties with user input data. If can be manipulated, this could lead to Cross-Site Scripting (XSS) issues. - The use of or dynamic code execution within the JavaScript block through could be risky if the script is not properly validated.