Removal of search exclude from www.ads-software.com

  • Resolved hmabpera

    (@hmabpera)


    5 years, 2 months ago

    How serious is the reason that search exclude plugin has been removed from www.ads-software.com.
    I understand it’s removal is temporary. It would be good to know the reason why it has been removed and when it will be restored. thanks.

Viewing 6 replies - 16 through 21 (of 21 total)

  • Thanks for getting this sorted. I can build again!

    Plugin Contributor pronskiy

    (@pronskiy)

    Folks,

    I’ve released 1.2.4 update with the fix. Please, update your instances.

    Details:
    There were two main issues found by Plugin review team.
    1) The page /wp-admin/options-general.php?page=search_exclude which lists all the excluded pages/posts allowed editing and bring back to search results the selected items. This form was lacking permissions check and technically allowed any user to show edit excluded list.
    2) When doing bulk edit, plugin was missing user capabilities check. I.e. any logged-in user could edit excluded list.

    These issues were fixed and I’ve added some additional data filtering to improve plugin security as suggested by PLugin Review Team.

    • This reply was modified 5 years, 2 months ago by pronskiy.

    Awesome thank you!

    Fixed, thanks!

    Plugin Contributor pronskiy

    (@pronskiy)

    Folks, I’ve tagged 1.2.5 release with an additional protection (against potential CSRF) suggested by Plugin review team.

    @pronskiy – any update on this? I am still showing hidden pages in search results. I am on version 1.2.5.

    For example: 2 pages that start with “Confirm” and 2 pages that start with “Thanks” are hidden, but show up when I search for “coupons”: https://www.maxiwalker.com/?s=coupon

    • This reply was modified 5 years, 1 month ago by sdor.
Viewing 6 replies - 16 through 21 (of 21 total)
  • The topic ‘Removal of search exclude from www.ads-software.com’ is closed to new replies.

Tags