crzyhrse
Forum Replies Created
-
Forum: Plugins
In reply to: [WP Categories Widget] XSS flaw – high level security issueI also am concerned about this… Please fix soon… Wordfence has this to say about it:
WP Categories Widget <= 2.2 – Reflected Cross-Site Scripting
Description
The WP Categories Widget plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via several parameters in the wcw_terms_list() function called via an AJAX action in versions up to, and including, 2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.References
patchstack.com
plugins.trac.www.ads-software.comForum: Plugins
In reply to: [Optimize Database after Deleting Revisions] Security IssuesFrom Wordfence:
The Optimize Database after Deleting Revisions plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.0.110. This is due to missing or incorrect nonce validation on the ‘odb_start_manually’ function. This makes it possible for unauthenticated attackers to start the database optimization process via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
Also getting same from Wordfence… Following…
The proper form here in these realms, when this sort of thing happens, is to open a support ticket…
But now the review exists, and can’t be removed… And so changing the review rating is the next best thing…
And most especially because your own comments say you are using the plugin still… And so you are greatly benefiting from all the time and work developing and maintaining what is a very handy, well done and unique plugin…
So the proper and decent thing for you to do is to open a support ticket, or at the very least change this review rating… Five stars would not be wrong, even disregarding the real benefit you are gaining from it, simply because of the effort that has been put into engaging you here…
????
Forum: Plugins
In reply to: [AddToAny Share Buttons] Buttons suddenly disappeared on my siteI am finding the same, but in my case so far just in Firefox… Still showing up, so far, in Safari, Chrome and Opera…
5.162 has fixed this for me as well… Thank you again for your diligence in maintaining this plugin… ????
Just to follow as well as encourage your efforts towards 5.162… I am also now (again) getting this same issue and the latest 5.161.1 update didn’t fix it…
Same thing was going on here, on all sites cleantalk is on, and this seems to have fixed it… Thanks for all your continuing great support and followup…
Thanks Jeff for getting back so quickly… I’ll keep chasing it down, will report back if I find anything… ????
Just set up this plugin and exact same thing, same message, is happening here, only on every test message, and on a laptop… Haven’t checked mobile yet…
I am using the 2021 theme and not a whole lot going on, though some things…
Inspecting the message generated on its new blank error page, its div class is wp-die-message…
When I click the browser back button and then reload the page, the test messages do then show up…
I’m willing to give you Admin access to the site, in case you might be interested in checking things out, maybe see what is going on…? It is a non-profit site and my efforts are contributed…
Kind regards… ????
Just to say thanks, this was helpful, caught me by surprise when email of notice of major core update came through for two sites… Was able to make sure not happening on other sites…
Forum: Reviews
In reply to: [WP Meteor Website Speed Optimization Addon] Checkout Page Error@opokusamuelasante – I concur, update your review, which is easy enough to do…
I am not finding any issues anymore related to CleanTalk, not in GTMetrix and not in the browser console… So I believe we can call this ticket resolved… Thank you so very much for all your attentiveness to this… It is VERY much appreciated…
With warm regards…
It DOES work better… in the GTmetrix waterfall that one thing that was still left relating to Cleantalk went from over 4 seconds down to a little over 0.4 seconds… Testing it on two sites show similar results…
I’ll install it on some other sites as well and watch for a while, see that everything else is all right… But so far so good…
When you update Cleantalk in the WP Plugin Repository I am assuming it will all update normally from this github version that I am going to leave installed the meantime…??
And Thank you so much for being on top of this like you all are, and staying with it…
Warm regards…
Hi @shagimuratov,
I of course might wish it to be sooner, but I am very happy to hear this… I will watch for your messages about it… Thank you and kind regards…
????