[SECURITY] Generating multiple API REST keys

  • Resolved Daniel P.

    (@danidub)


    2 years, 2 months ago

    Hello, each time the plugins connects or you click the “enable unique discounts” button, it generates a new API REST key on the WooCommerce side.

    I see two errors here, the first and obvious is to have multiple keys created and activated, this is a wrong pattern and should be fixed ASAP. This is a security problem. Maybe revoking the previous API key and creating a new one would be a FIX.

    The second error I see is, on plugin settings, when you enable the unique discounts button and the feature is enabled, the same message is shown at the top of the page. This leads to user confusion because we don’t know if this feature is already enabled or not. The message shown is: “Add Unique discount codes to your emails on Omnisend” and the “enable unique discounts” button is also shown.

    Maybe once you enable the unique discounts the message needs to disappear and show something like “unique coupons ENABLED”.

    Thank you

Viewing 10 replies - 1 through 10 (of 10 total)
  • Plugin Author Omnisend

    (@omnisend)

    Hey there!
    Thanks for posting in our support thread.

    We can see that you’ve already been in touch with our Support Team therefore we’ll close this thread to keep the communication in a single place.

    If you have any questions or need any assistance, do not hesitate to contact our Support Team, we are available 24/7 and can be reached via In-app chat or email at [email protected].

    Have a great day!

    Thread Starter Daniel P.

    (@danidub)

    Please don’t mark this issue as resolved until is resolved.

    Is true that I have contacted your support team but the issues are still happening and no workaround has being issued.

    So this ticket is not resolved.

    Thank you.

    B

    (@blclda)

    @danidub Is this still happening?

    Thread Starter Daniel P.

    (@danidub)

    @blclda I have not tried again, if you try please update this ticket.

    Thank you.

    B

    (@blclda)

    Will do

    B

    (@blclda)

    Btw @danidub what woocommerce newsletter plugin do you recommend? We’re looking for something simple but mostly performant.

    Thread Starter Daniel P.

    (@danidub)

    @blclda I’ve tried many services and Omnisend for WooCommerce seems a good solution. They still need to solve some issues and hear feedback from WordPress users, but they have some really strong features as cart abandonment and automations that works really good.

    I think https://www.klaviyo.com is also a good one but expensive.

    B

    (@blclda)

    I see, thank you!

    Plugin Author Omnisend

    (@omnisend)

    Both issues mentioned are solved.

    @omnisend great work!

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘[SECURITY] Generating multiple API REST keys’ is closed to new replies.