Breakdance - The Website Builder You Always Wanted v2.7.2 Nulled
Security Update
This update fixes a stored XSS issue in the Form Submissions action Details panel in WordPress Admin. Some action context data in a stored submission was shown without escaping. In specific cases, HTML or JavaScript stored in that action log could run when an authorized WordPress user opened the submission’s action Details panel.
The update escapes action context keys and nested action context values before rendering them.
You should update if:
- You use Breakdance forms with Store Submission enabled
- You use form actions that log request or response details, such as Webhook
- Your forms accept public submissions
The issue requires a stored form submission and an authorized WordPress user with access to Form Submissions to open the action Details panel.
This issue affects the admin submission details view. It does not affect normal front-end page rendering for visitors.
Bug Fix
- Popups: Fixed a regression where shortcodes inside Breakdance popups did not render on the front end. Popups now render through the normal WordPress footer flow again.