bkolbay

I happened to be doing the same thing, today. I just removed their action and added my own in the child functions.php:

function remove_parent_functions() {
    remove_action( 'understrap_site_info', 'understrap_add_site_info' );
    add_action( 'understrap_site_info', 'understrap_add_site_child_info' );
}
add_action( 'init', 'remove_parent_functions', 15 );

function understrap_add_site_child_info() {
    echo "Foo.";
}

Any additional information? I saw there was a plugin update and I no longer get the error message about real estate data when clicking any of the links, but the simplest shortcodes still don’t work. Example: [idx-listing mlsnumber=”CR9011215″]

In case anyone stumbles onto this thread in the future, this is the code I’m now using to get the Post ID:

$submission = WPCF7_Submission::get_instance();
if($submission) {
	$cf_url = $submission->get_meta( 'url' );
	$postID = url_to_postid( $cf_url );
}

I should also note that when the product erroneously shows “Add to Quote”, clicking the button does correctly add the item to the cart, not the quote.

Any chance you’re on iPowerWeb as a host?

I found a couple other people experiencing similar spam links. The common elements were the hosting company and each theme’s functions.php had malicious lines similar to this:

<?php $wp_user_functions_init = create_function('$a',strrev(';)a$(lave'));
...
(a bunch of encoded text)
...
(edoced_46esab(lave')); ?>

Once these were removed, the spam links were gone and our contact forms worked, reliably, again. Of course, this doesn’t fix the attack vector in the hosting company. ??