ajax-admin.php used in frontend, security issue

  • Resolved torao9340

    (@torao9340)


    3 months, 2 weeks ago

    Hello, I’ve got problem with plugin. I’m premium user. When I check Network requests in console on incognito mode I can see that admin-ajax.php is used, even though it should only be used if user is logged in. It looks like security issue. When I try to enable usage of admin-ajax.php only to logged in user, plugin have problems with flags on forms. It seems that some kind of data of flags is uploaded with usage of admin-ajax.php, which is security issue.

    Is there any possibility to change plugin so it will not use admin-ajax.php publicly?

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support alexisbienayme

    (@alexisbienayme)

    Hi,

    Thanks for your concern. Could you please create a ticket at https://account.Brevo.com/support and put in the subject of the ticket “WordPress : For Alexis”, so I will have a look at it closely ?

    Best Regards,

    Alexis

    Thread Starter torao9340

    (@torao9340)

    Topic is not resolved, I’ve send support ticket 12 days ago and still waiting for reply from technical team.

    Plugin Support alexisbienayme

    (@alexisbienayme)

    Hi,

    I just grabbed the ticket, and answered you in this one.

    Best Regards,

    Alexis

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.